| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <472FAE5E.8030701@oracle.com>
Date: Mon, 05 Nov 2007 18:59:26 -0500
From: Chuck Lever <chuck.lever@...cle.com>
To: David Miller <davem@...emloft.net>
CC: netdev@...r.kernel.org
Subject: Re: [PATCH] NET: Remove unneeded type cast in skb_truesize_check()
David Miller wrote:
> From: Chuck Lever <chuck.lever@...cle.com>
> Date: Fri, 02 Nov 2007 15:14:26 -0400
>
>> The (int) type cast in skb_truesize_check() is unneeded: without it, all
>> the variable types in the conditional expression are unsigned integers. As
>> it stands, the type cast causes a comparison between a signed and an
>> unsigned integer, which can produce unexpected results.
>>
>> Signed-off-by: Chuck Lever <chuck.lever@...cle.com>
>
> This is checking for skb->truesize being decremented too much by other
> code, which could cause a wraparound below zero, so we do want
> negaitve checks here.
If that's truly the case, document the requirement (perhaps using
something the compiler itself can verify) instead of using a clever
type cast trick.
Here's the problem with leaving these little surprises in commonly used
kernel headers. Suppose the developer of a network driver or network
file system that uses one of these headers wants to employ static code
analysis to identify issues introduced by new patches to their
subsystem. The tool warnings generated in kernel headers are just
noise, and make using such code analysis difficult.
View attachment "chuck.lever.vcf" of type "text/x-vcard" (260 bytes)
Powered by blists - more mailing lists