Re: [PATCH v2] fs: make d_path-like functions all have unsigned size

From: Andy Shevchenko
Date: Tue Jul 27 2021 - 08:39:42 EST


On Tue, Jul 27, 2021 at 02:07:54PM +0200, Greg Kroah-Hartman wrote:
> When running static analysis tools to find where signed values could
> potentially wrap the family of d_path() functions turn out to trigger a
> lot of mess. In evaluating the code, all of these usages seem safe, but
> pointer math is involved so if a negative number is ever somehow passed
> into these functions, memory can be traversed backwards in ways not
> intended.
>
> Resolve all of the ambiguity by just making "size" an unsigned value,
> which takes the guesswork out of everything involved.

Are you sure it's a correct change?

Look into the extract_string() implementation.

	if (likely(p->len >= 0))
		return p->buf;
	return ERR_PTR(-ENAMETOOLONG);

Your change makes it equal to

	return p->buf;

if I'm not mistaken.

--
With Best Regards,
Andy Shevchenko
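
The concern raised in the reply above, as an added example that is not part of the original message and is not kernel code: a simplified userspace model in which a name longer than the buffer is prepended, once with a signed len and once with an unsigned len. All struct and function names are hypothetical, and NULL stands in for ERR_PTR(-ENAMETOOLONG).

```c
#include <string.h>

/* Userspace model with hypothetical names; not the kernel's definitions. */
struct pbuf_s { char *buf; int len; };          /* signed remaining space */
struct pbuf_u { char *buf; unsigned int len; }; /* after an int -> unsigned change */

static void prepend_s(struct pbuf_s *p, const char *s, int n)
{
	p->len -= n;                    /* negative once the name no longer fits */
	if (p->len >= 0) {
		p->buf -= n;
		memcpy(p->buf, s, (size_t)n);
	}
}

static void prepend_u(struct pbuf_u *p, const char *s, unsigned int n)
{
	if (n <= p->len) {              /* guarded so the demo never writes out of bounds */
		p->buf -= n;
		memcpy(p->buf, s, n);
	}
	p->len -= n;                    /* wraps to a huge value instead of going negative */
}

static char *extract_s(const struct pbuf_s *p)
{
	return p->len >= 0 ? p->buf : NULL;     /* NULL models ERR_PTR(-ENAMETOOLONG) */
}

static char *extract_u(const struct pbuf_u *p)
{
	return p->len >= 0 ? p->buf : NULL;     /* always true: the error path is dead */
}

int signed_reports_overflow(void)
{
	char b[8];
	struct pbuf_s p = { b + sizeof(b), (int)sizeof(b) };
	prepend_s(&p, "/a/very/long/name", 17); /* constructed: 17 bytes into 8 */
	return extract_s(&p) == NULL;
}

int unsigned_reports_overflow(void)
{
	char b[8];
	struct pbuf_u p = { b + sizeof(b), (unsigned int)sizeof(b) };
	prepend_u(&p, "/a/very/long/name", 17); /* constructed: 17 bytes into 8 */
	return extract_u(&p) == NULL;
}
```

Building with -Wtype-limits (GCC) flags the unsigned comparison as always true, which is one way to catch this class of regression in review.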