Re: Suggestion on "int len" sanity

[XIAO Gang]

Jörn Engel wrote:

> On Thu, 2 June 2005 09:28:55 +0200, XIAO Gang wrote:
>  
>
> > Examples:
> >
> > 1. In the types of sys_[gs]ethostname, sys_[gs]etdomainname, "int len" 
> > could be replaced
> > by "unsigned int" or "size_t" and sanity check simplified.
> >    
>
> If you really want that fun, try changing it to "unsigned long long"
> on your private machine and do some testing.
>
> Hint: arch/i386/kernel/syscall_table.S
I know; I might try to do something later. The question here is to find 
the best balancing point between what
are better replaced and what are not. I would hesitate a lot before 
doing things as below which are more likely to introduce new bugs than 
to avoid old ones.

> > 3. The similar situation occurs in fs/namei.c, vfs_readlink(). Here it does 
> > not matter if len
> > is declared to be unsigned, but for size_t, we have to take care about the 
> > size of size_t.
> >    
>
> You could possibly change the code to:
>
> int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
> {
> 	union {
> 		unsigned len;
> 		int ret;
> 	} u;
>
> 	u.ret = PTR_ERR(link);
> 	if (IS_ERR(link))
> 		goto out;
>
> 	u.len = strlen(link);
> 	if (u.len > (unsigned) buflen)
> 		u.len = buflen;
> 	if (copy_to_user(buffer, link, u.len))
> 		u.ret = -EFAULT;
> out:
> 	return u.ret;
> }
>
> But what would we gain, except for a few additional lines?
>
> Jörn
>
>  


--

XIAO Gang (~{P$8U~})                          xiao@xxxxxxxx
         home page: pcmath126.unice.fr/xiao.html 



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/