Re: [Coverity] Untrusted user data in kernel

From: Paulo Marques
Date: Thu Jan 06 2005 - 09:49:21 EST

Next message: Michael S. Tsirkin: "[PATCH] fget_light/fput_light for ioctls"
Previous message: James Bottomley: "RE: How to add/drop SCSI drives from within the driver?"
In reply to: Jan Kasprzak: "Re: [Coverity] Untrusted user data in kernel"
Next in thread: Alan Cox: "Re: [Coverity] Untrusted user data in kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jan Kasprzak wrote:

[...]
+ if (mem.len <= 0 || mem.addr < 0 || mem.len > 65536 || mem.addr > 65535
+ || mem.addr + mem.len > 65536)
+ return -EFAULT;

Just an extremely small nitpick. The conditions

mem.len > 65536 || mem.addr > 65535

aren't needed, because if one of them is true, then

mem.addr + mem.len > 65536

must be true also, since we've already asserted that len>0 and addr>=0.

This would be even simpler if len and addr were unsigned as they should be, but that's probably not your fault :(

--
Paulo Marques - www.grupopie.com

"A journey of a thousand miles begins with a single step."
Lao-tzu, The Way of Lao-tzu
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Michael S. Tsirkin: "[PATCH] fget_light/fput_light for ioctls"
Previous message: James Bottomley: "RE: How to add/drop SCSI drives from within the driver?"
In reply to: Jan Kasprzak: "Re: [Coverity] Untrusted user data in kernel"
Next in thread: Alan Cox: "Re: [Coverity] Untrusted user data in kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]