Re: Suggestion on "int len" sanity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 1 June 2005 09:06:33 +0200, XIAO Gang wrote:
> 
> I would like to make a security suggestion.
> 
> There are many length variables in the kernel, locally declared as "len" 
> or "length", either as "int", "unsigned int" or "size_t". However, 
> declaring a length as "int" leads easily to an erroneous situation, as 
> the author (or even a code checker) might make the implicite hypothesis 
> that the length is positive, so that it is enough to make a sanity check 
> of the kind
> 
> if (length > limit) ERROR;
> 
> which is not enough.
> 
> On the other hand, when a variable is named "len" or "length", it is 
> usually used for length and never should go negative. So could I suggest 
> that the declarations of these variables to be uniformized to "size_t", 
> via a gradual but sysmatic cleanup?

Could be.  Can you pick an example and send a patch for it?

Jörn

-- 
Sometimes, asking the right question is already the answer.
-- Unknown
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux