| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251120091802.0b238c96@pumpkin>
Date: Thu, 20 Nov 2025 09:18:02 +0000
From: David Laight <david.laight.linux@...il.com>
To: Alan Stern <stern@...land.harvard.edu>
Cc: linux-kernel@...r.kernel.org, linux-usb@...r.kernel.org,
usb-storage@...ts.one-eyed-alien.net, Greg Kroah-Hartman
<gregkh@...uxfoundation.org>
Subject: Re: [PATCH 28/44] drivers/usb/storage: use min() instead of min_t()
On Wed, 19 Nov 2025 21:59:42 -0500
Alan Stern <stern@...land.harvard.edu> wrote:
> On Wed, Nov 19, 2025 at 10:41:24PM +0000, david.laight.linux@...il.com wrote:
> > From: David Laight <david.laight.linux@...il.com>
> >
> > min_t(unsigned int, a, b) casts an 'unsigned long' to 'unsigned int'.
> > Use min(a, b) instead as it promotes any 'unsigned int' to 'unsigned long'
> > and so cannot discard significant bits.
> >
> > In this case the 'unsigned long' value is small enough that the result
> > is ok.
> >
> > Detected by an extra check added to min_t().
>
> In fact, min_t(T, a, b) cannot go wrong as long as all the types are
> unsigned and at least one of a, b has type T or smaller.
That is backwards, both a and b have to have types at least as large
as T (or rather values that will fit in T).
- which is exactly what people keep getting wrong.
Consider:
u32 a = 4;
u64 b = 0x100000001ull;
then:
min_t(u32, a, b)
has value 1 not 4.
David
> Of course, in
> this situation there's no reason not to simply use min(). (And if both
> a and b have types larger than T, why would someone use min_t() like
> this in the first place?)
>
> Regardless, the patch is fine with me.
>
> Acked-by: Alan Stern <stern@...land.harvard.edu>
>
> Alan Stern
>
> > Signed-off-by: David Laight <david.laight.linux@...il.com>
> > ---
> > drivers/usb/storage/protocol.c | 3 +--
> > 1 file changed, 1 insertion(+), 2 deletions(-)
> >
> > diff --git a/drivers/usb/storage/protocol.c b/drivers/usb/storage/protocol.c
> > index 9033e505db7f..0cff54ad90fa 100644
> > --- a/drivers/usb/storage/protocol.c
> > +++ b/drivers/usb/storage/protocol.c
> > @@ -139,8 +139,7 @@ unsigned int usb_stor_access_xfer_buf(unsigned char *buffer,
> > return cnt;
> >
> > while (sg_miter_next(&miter) && cnt < buflen) {
> > - unsigned int len = min_t(unsigned int, miter.length,
> > - buflen - cnt);
> > + unsigned int len = min(miter.length, buflen - cnt);
> >
> > if (dir == FROM_XFER_BUF)
> > memcpy(buffer + cnt, miter.addr, len);
> > --
> > 2.39.5
> >
Powered by blists - more mailing lists