Re: [PATCH] bfs: prevent underflow in bfs_find_entry()

From: Dan Carpenter
Date: Tue Mar 10 2020 - 04:38:29 EST


On Mon, Mar 09, 2020 at 09:14:27AM +0000, Tigran Aivazian wrote:
> Hello Dan,
>
> On Sat, 7 Mar 2020 at 06:08, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> > - int namelen = child->len;
> > + unsigned int namelen = child->len;
>
> Thank you, that is sensible, but have you actually verified that
> attempting a lookup of a filename longer than 2.2 billion bytes causes
> a problem? If that's the case, then your patch should be considered.
> If not, it would seem to be a waste of time to worry about something
> that cannot ever happen.

As the commit message says, this is just to silence a static checker
warning about checking for upper bounds but ignoring negatives. The
check has found a number of problems in the past but it becomes less
useful if security reviewers have to sort through a bunch of false
positives.

regards,
dan carpenter