Re: [RFC] LZO de/compression support - take 3

[Andrew Morton]

On Wed, 23 May 2007 19:51:44 +0530 "Nitin Gupta" <nitingupta910@xxxxxxxxx> wrote:

> On 5/23/07, Michael-Luke Jones <mlj28@xxxxxxxxx> wrote:
> > On 23 May 2007, at 15:03, Nitin Gupta wrote:
> >
> > >> Perhaps a rename is in order:
> > >> lzo1x_decompress() => lzo1x_decompress_unsafe()
> > >> lzo1x_decompress_safe => lzo1x_decompress()
> > >
> > > Or perhaps make reiserfs use _safe() instead - I think Richard has
> > > already submitted patch for same.
> >
> > If someone's already made this mistake once, then it'll happen again.
> > In-kernel memory corruption is no fun.
> >
> > Safe/Secure == Default
> 
> If I rename 'nonsafe' version as such then it will seem like its a
> 'broken' implementation which is not the case. If somebody is upto
> including compression he must be having head to use the right
> decompress version depending on this scenario :-)
> 

<wakes up>

What's "unsafe" here?  If you fed it bad data, the decompressor will
scribble on memory or crash the kernel or hang up?

If so, it was quite inappropriate that a filesystem be using the unsafe
version.

I'd agree with the proposed renaming.  In fact I'd suggest that the unsafe
APIs just be removed - it's hard to imagine a situation in which they're OK
to be used in the kernel.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/