On Fri, 2023-11-03 at 06:53 +0100, Greg Kroah-Hartman wrote:
On Thu, Nov 02, 2023 at 08:08:49PM +0100, Philipp Stanner wrote:
comedi_fops.c utilizes memdup_user() to copy a userspace array. This
does not check for an overflow.
Is there potential for an overflow today?
None that I'm aware of, no. This is more about establishing the new
function as the standard for array-copying, thereby improving
readability and maybe robustness in case of future changes.
Use the new wrapper memdup_array_user() to copy the array more safely.
How about saying something like:
"Use the new function memdup_array_user() in case things change
in the future which would prevent overflows if something were to
change in the size of the structures".
Or something to the affect of "all is good today, but make it easy to be
correct in the future as well".
Yes, good idea. I'll send a better wording