Re: [GIT PULL] scheduler fix

From: Linus Torvalds
Date: Thu Apr 08 2010 - 11:47:19 EST

Next message: Martin Jansa: "Re: [Zaurus-devel] [regression] 2.6.34-rc1 to -rc3 on zaurus: nolonger boots"
Previous message: Ingo Molnar: "[GIT PULL] scheduler fix"
In reply to: Ingo Molnar: "[GIT PULL] scheduler fix"
Next in thread: Andreas Schwab: "Re: [GIT PULL] scheduler fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 8 Apr 2010, Ingo Molnar wrote:
>
> - if (len < nr_cpu_ids)
> + if ((len * BITS_PER_BYTE) < nr_cpu_ids)
> return -EINVAL;

Not that it really matters, but this will now fail for no good reason if
you pass it a half-gigabyte area due to overflow.

Of course, if you pass it a half gig memory array, you're a f*cking moron
to begin with, so I don't think anybody really _cares_. But in general,
when checking system call arguments, I'd like people to think about
overflow issues more.

In this case it doesn't matter, and overflow just makes the test more
conservative than they need to be, but when it _does_ matter it often ends
up being a security issue.

Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Martin Jansa: "Re: [Zaurus-devel] [regression] 2.6.34-rc1 to -rc3 on zaurus: nolonger boots"
Previous message: Ingo Molnar: "[GIT PULL] scheduler fix"
In reply to: Ingo Molnar: "[GIT PULL] scheduler fix"
Next in thread: Andreas Schwab: "Re: [GIT PULL] scheduler fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]