| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jun 2018 19:10:59 -0700
From: Joe Perches <joe@...ches.com>
To: Chengguang Xu <cgxu519@....com>, jakub.kicinski@...ronome.com,
davem@...emloft.net, LKML <linux-kernel@...r.kernel.org>,
Julia Lawall <julia.lawall@...6.fr>,
cocci <cocci@...teme.lip6.fr>
Cc: oss-drivers@...ronome.com, netdev@...r.kernel.org,
Dmitry Torokhov <dmitry.torokhov@...il.com>,
linux-input <linux-input@...r.kernel.org>,
linux-s390 <linux-s390@...r.kernel.org>
Subject: Re: [PATCH v2 net] nfp: cast sizeof() to int when comparing with
error code
On Tue, 2018-06-26 at 09:16 +0800, Chengguang Xu wrote:
> sizeof() will return unsigned value so in the error check
> negative error code will be always larger than sizeof().
This looks like a general class of error in the kernel
where a signed result that could be returning a -errno
is tested against < or <= sizeof()
A couple examples:
drivers/input/mouse/elan_i2c_smbus.c:
len = i2c_smbus_read_block_data(client,
ETP_SMBUS_IAP_PASSWORD_READ,
val);
if (len < sizeof(u16)) {
i2c_smbus_read_block_data can return a negative errno
net/smc/smc_clc.c:
len = kernel_sendmsg(smc->clcsock, &msg, &vec, 1,
sizeof(struct smc_clc_msg_decline));
if (len < sizeof(struct smc_clc_msg_decline))
where kernel_sendmsg can return a negative errno
There are probably others, I didn't look hard.
Perhaps a cocci script to find these could be generated?
Powered by blists - more mailing lists