[PATCH 2/4] lib/vsprintf.c: Improve sanity check in vsnprintf()

[Rasmus Villemoes]

On 64 bit, size may very well be huge even if bit 31 happens to be
0. Somehow it doesn't feel right that one can pass a 5 GiB buffer but
not a 3 GiB one. So cap at INT_MAX as was probably the intention all
along. This is also the made-up value passed by sprintf and vsprintf.

Signed-off-by: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
---
 lib/vsprintf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index 98ad170b10e0..cf12ba86205c 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -1727,7 +1727,7 @@ int vsnprintf(char *buf, size_t size, const char *fmt, va_list args)
 
 	/* Reject out-of-range values early.  Large positive sizes are
 	   used for unknown buffer sizes. */
-	if (WARN_ON_ONCE((int) size < 0))
+	if (WARN_ON_ONCE(size > INT_MAX))
 		return 0;
 
 	str = buf;
-- 
2.1.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/