Re: [PATCH net] xfrm: prevent some integer overflows in verify_ functions
From: Dan Carpenter
Date: Tue Dec 17 2024 - 07:32:52 EST
On Tue, Dec 17, 2024 at 08:03:38PM +0800, Herbert Xu wrote:
> On Tue, Dec 17, 2024 at 11:42:31AM +0300, Dan Carpenter wrote:
> >
> > + if (algp->alg_key_len > INT_MAX) {
>
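Review bot: the `algp->alg_key_len > INT_MAX` test carries no comment saying which later computation the bound protects or why INT_MAX was chosen, and the UINT_MAX - 7 question in this thread shows that the choice is not self-evident. A one-line comment above the check stating that the bound is deliberately conservative rather than the exact limit would save the next reader the same question.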
> Why not check for UINT_MAX - 7? INT_MAX seems a bit arbitrary.
>
That seems like basic algebra but we have a long history of getting
integer overflow checks wrong so these days I like to just use
INT_MAX wherever I can. I wanted to use USHRT_MAX. We aren't allowed
to use more than USHRT_MAX bytes, but maybe we're allowed USHRT_MAX
bits, so I didn't do that.
regards,
dan carpenter
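
The two bounds discussed in this thread, side by side, as an added example that is not part of the original message or of the kernel patch. It assumes the key length is an unsigned count of bits that later code rounds up to bytes with (bits + 7) / 8; that expression is inferred from the "UINT_MAX - 7" suggestion and is not shown on this page, and all function names are hypothetical.

```c
#include <limits.h>
#include <stdio.h>

/* Assumed conversion (not shown in the thread): round bits up to bytes.
 * In unsigned arithmetic, bits + 7 wraps once bits > UINT_MAX - 7. */
static unsigned int bits_to_bytes_unchecked(unsigned int bits)
{
    return (bits + 7) / 8;
}

/* Exact bound: rejects only the seven values for which bits + 7 wraps. */
static int key_len_ok_tight(unsigned int bits)
{
    return bits <= UINT_MAX - 7;
}

/* Conservative bound, in the style of the quoted check. Every value it
 * accepts is also accepted by the exact bound, so it cannot wrap either. */
static int key_len_ok_int_max(unsigned int bits)
{
    return bits <= (unsigned int)INT_MAX;
}

/* Validate first, convert second. Returns 0 on success, -1 on rejection. */
static int bits_to_bytes_checked(unsigned int bits, unsigned int *bytes)
{
    if (!key_len_ok_int_max(bits))
        return -1;
    *bytes = (bits + 7) / 8;
    return 0;
}

int main(void)
{
    /* Constructed sample lengths: ordinary, both edges, and a wrapping one. */
    unsigned int samples[] = { 256, (unsigned int)INT_MAX,
                               UINT_MAX - 7, UINT_MAX - 3 };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        unsigned int bits = samples[i], bytes = 0;
        int rc = bits_to_bytes_checked(bits, &bytes);
        printf("bits=%u unchecked=%u tight_ok=%d int_max_ok=%d checked_rc=%d\n",
               bits, bits_to_bytes_unchecked(bits),
               key_len_ok_tight(bits), key_len_ok_int_max(bits), rc);
    }
    return 0;
}
```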