Re: [PATCH 1/2] drm/i915: fix integer overflow in i915_gem_execbuffer2()

From: Xi Wang
Date: Fri Apr 06 2012 - 14:17:41 EST

Next message: Jim Garlick: "Re: ipv6: tunnel: hang when destroying ipv6 tunnel"
Previous message: Bjorn Helgaas: "linux-next: change PCI trees"
In reply to: Chris Wilson: "Re: [PATCH 1/2] drm/i915: fix integer overflow in i915_gem_execbuffer2()"
Next in thread: Chris Wilson: "Re: [PATCH 1/2] drm/i915: fix integer overflow in i915_gem_execbuffer2()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Apr 6, 2012, at 10:44 AM, Chris Wilson wrote:

> That I agreed with, I just disagree with how you chose to handle it.
> Rather than continue on and attempt to vmalloc a large array we should
> just fail the ioctl with EINVAL.

Why an attempt to vmalloc? The overflow check in drm_malloc_ab()
will simply return NULL and fail the ioctl with -ENOMEM.

- xi

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jim Garlick: "Re: ipv6: tunnel: hang when destroying ipv6 tunnel"
Previous message: Bjorn Helgaas: "linux-next: change PCI trees"
In reply to: Chris Wilson: "Re: [PATCH 1/2] drm/i915: fix integer overflow in i915_gem_execbuffer2()"
Next in thread: Chris Wilson: "Re: [PATCH 1/2] drm/i915: fix integer overflow in i915_gem_execbuffer2()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]