| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <cd039ed4855c4e78a0867c4b5173e879@AcuMS.aculab.com>
Date: Tue, 20 Jun 2023 13:35:11 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Andy Shevchenko' <andriy.shevchenko@...ux.intel.com>
CC: Jens Axboe <axboe@...nel.dk>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v1 1/1] pktcdvd: Use clamp_val() instead of min()+max()
From: 'Andy Shevchenko'
> Sent: 20 June 2023 14:25
>
> On Tue, Jun 20, 2023 at 12:06:49PM +0000, David Laight wrote:
>
> ...
>
> > > + *hi = clamp_val(*hi, 500, 1000000);
> >
> > (standard rant about minmax.h)
> >
> > clamp_val() is pretty much broken by design.
> > It MIGHT be ok here but it casts both limits to the
> > type of the value being compared.
> > In general that is just plain wrong.
> >
> > Like min_t() it is generally ok because the kernel only uses
> > unsigned values between 0 and MAXINT.
> >
> > If min/max were ok, then using clamp() should also be ok.
>
> Submit a patch to fix it, if you think you can make it better.
> Obviously your comment can be addressed separately if we even
> need that.
Did you try using clamp() ?
To see why clamp_val() is broken consider?
unsigned char val = 200;
...
xxx = clamp_val(val, 10, 300);
This sets xxx to 44 - not exactly expected.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists