|
On Wed, Sep 03, 2014 at 10:03:00PM +0300, Dan Carpenter wrote:
> On Wed, Sep 03, 2014 at 09:17:38PM +0300, Julian Anastasov wrote:
> > > An another question, in do_ip_vs_get_ctl() I can see:
> > >
> > > + copylen = get_arglen[CMDID(cmd)];
> > > + if (*len < (int) copylen || *len < 0) {
> > >
> > > len is signed, the casting also enforces signed arithmetics. copylen
> > > can be 0 at worst case for unused options. Perhaps I'm overlooking
> > > something but I think *len < 0 is redundant.
> >
> > Yes, I added it for readability, it can be
> > removed, I checked that it does not generate code when
> > I added it. IIRC, Arjan van de Ven mentioned
> > about gcc reporting for missing range checks when
> > commit 04bcef2a83f40c6db24222b
> > ("ipvs: Add boundary check on ioctl arguments") was
> > discussed. This is his posting:
> >
> > http://marc.info/?l=linux-netdev&m=125443389131548&w=2
> >
> > But I don't know how to check for such warnings
> > and if they are still reported.
> >
>
> I think you mean CONFIG_DEBUG_STRICT_USER_COPY_CHECKS. Unfortunately
> it's been turned off on recent versions of GCC since 2fb0815c9ee6
> ('gcc4: disable __compiletime_object_size for GCC 4.6+')
OK, then I'm going to remove it.
Please, see patch attached. Let me know if you have any concern with
it. Thanks!
0001-ipvs-reduce-stack-usage-for-sockopt-data.patch
Description: Text Data
|
