Re: Suggestion on "int len" sanity

On Thu, 2 June 2005 09:28:55 +0200, XIAO Gang wrote:
> 
> Examples:
> 
> 1. In the types of sys_[gs]ethostname, sys_[gs]etdomainname, "int len"
> could be replaced by "unsigned int" or "size_t" and sanity check simplified.

If you really want that fun, try changing it to "unsigned long long"
on your private machine and do some testing.

Hint: arch/i386/kernel/syscall_table.S

> 2. In mm/shmem.c, shmem_symlink(), we have "len = strlen(symname) + 1;".
> Although it is highly improbable that strlen(symname) overflows, it is
> more correct to declare "size_t len;".

Yep, looks sane.

> 3. The similar situation occurs in fs/namei.c, vfs_readlink(). Here it does
> not matter if len is declared to be unsigned, but for size_t, we have to
> take care about the size of size_t.

You could possibly change the code to:

int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
{
	union {
		unsigned len;
		int ret;
	} u;

	u.ret = PTR_ERR(link);
	if (IS_ERR(link))
		goto out;

	u.len = strlen(link);
	if (u.len > (unsigned) buflen)
		u.len = buflen;
	if (copy_to_user(buffer, link, u.len))
		u.ret = -EFAULT;
out:
	return u.ret;
}

But what would we gain, except for a few additional lines?

Jörn

-- 
Happiness isn't having what you want, it's wanting what you have.
-- unknown
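
Added illustration, not part of the message above or of the kernel source: a user-space model of the union-based vfs_readlink() suggestion, showing what the `(unsigned) buflen` comparison does with a negative buflen next to a signed comparison. memcpy() stands in for copy_to_user(), the IS_ERR() path is omitted, and readlink_model() and signed_clamp_count() are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space model of the union version above. memcpy() stands in for
 * copy_to_user() and the IS_ERR() path is left out (assumptions). */
static int readlink_model(char *buffer, int buflen, const char *link)
{
	union {
		unsigned len;
		int ret;
	} u;

	u.len = (unsigned) strlen(link);
	if (u.len > (unsigned) buflen)	/* negative buflen converts to a value above INT_MAX */
		u.len = (unsigned) buflen;
	memcpy(buffer, link, u.len);
	return u.ret;			/* same bits as u.len, read back as int */
}

/* Hypothetical signed clamp, for contrast: returns the byte count that a
 * copy routine taking size_t would be handed. */
static size_t signed_clamp_count(int buflen, const char *link)
{
	int len = (int) strlen(link);

	if (len > buflen)		/* true for every negative buflen */
		len = buflen;
	return (size_t) len;		/* negative len wraps to a huge size_t */
}

int main(void)
{
	char buf[16] = {0};		/* constructed sample buffer */
	const char *link = "target";	/* constructed sample link, 6 bytes */

	printf("unsigned, buflen=4:  %d\n", readlink_model(buf, 4, link));
	printf("unsigned, buflen=-1: %d\n", readlink_model(buf, -1, link));
	printf("signed,   buflen=-1: %zu\n", signed_clamp_count(-1, link));
	return 0;
}
```

With the unsigned comparison a negative buflen never triggers the clamp, so the count stays at strlen(link); the signed variant clamps to the negative value, which becomes SIZE_MAX once converted to size_t.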