I would like to make a security suggestion.
There are many length variables in the kernel, locally declared as "len"
or "length", either as "int", "unsigned int" or "size_t". However,
declaring a length as "int" leads easily to an erroneous situation, as
the author (or even a code checker) might make the implicit hypothesis
that the length is positive, so that it is enough to make a sanity check
of the kind
if (length > limit) ERROR;
which is not enough.
On the other hand, when a variable is named "len" or "length", it is
usually used for length and never should go negative. So could I suggest
that the declarations of these variables be uniformized to "size_t",
via a gradual but systematic cleanup?
--
XIAO Gang (肖刚) [email protected]
home page: pcmath126.unice.fr/xiao.html
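
The check described in the message above, as an added example (not part of the original post and not kernel code): a negative "int" length passes the single upper-bound test and becomes a huge count once handed to a routine that takes size_t, while the same test on a size_t rejects it. LIMIT and all function names here are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LIMIT 64    /* constructed buffer size for this example */

/* The check from the message with a signed length: a negative value
 * is not greater than LIMIT, so it is accepted. */
static int check_signed(int length)
{
    if (length > LIMIT)
        return -1;      /* ERROR */
    return 0;           /* accepted */
}

/* The count a copy routine taking size_t would receive if the
 * accepted signed value were passed through unchanged. */
static size_t as_copy_count(int length)
{
    return (size_t)length;
}

/* Same single comparison on size_t: a negative input has already
 * wrapped to a huge unsigned value and is rejected. */
static int check_unsigned(size_t length)
{
    return (length > LIMIT) ? -1 : 0;
}

/* Bounded copy using the size_t form; returns bytes copied or -1. */
static long bounded_copy(char *dst, const char *src, size_t length)
{
    if (check_unsigned(length) != 0)
        return -1;
    memcpy(dst, src, length);
    return (long)length;
}

int main(void)
{
    char dst[LIMIT], src[LIMIT] = "constructed sample data";
    int bad = -1;       /* constructed hostile length */

    printf("signed check:   %s\n", check_signed(bad) ? "rejected" : "accepted");
    printf("as copy count:  %zu\n", as_copy_count(bad));
    printf("size_t check:   %s\n", check_unsigned((size_t)bad) ? "rejected" : "accepted");
    printf("bounded_copy:   %ld\n", bounded_copy(dst, src, 24));
    return 0;
}
```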