* [PATCH] lib/test_kmod: Fix an integer overflow test
@ 2018-01-22 10:27 Dan Carpenter
2018-02-24 2:59 ` Luis R. Rodriguez
0 siblings, 1 reply; 5+ messages in thread
From: Dan Carpenter @ 2018-01-22 10:27 UTC (permalink / raw)
To: Luis R. Rodriguez; +Cc: linux-kernel, kernel-janitors
The main problem is that the parentheses are in the wrong place and the
unlikely() call returns either 0 or 1 so it's never less than zero. The
other problem is that signed integer overflows like "INT_MAX + 1" are
undefined behavior.
Fixes: d9c6a72d6fa2 ("kmod: add test driver to stress test the module loader")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
diff --git a/lib/test_kmod.c b/lib/test_kmod.c
index e372b97eee13..30fd6d9e5361 100644
--- a/lib/test_kmod.c
+++ b/lib/test_kmod.c
@@ -1141,7 +1141,7 @@ static struct kmod_test_device *register_test_dev_kmod(void)
mutex_lock(®_dev_mutex);
/* int should suffice for number of devices, test for wrap */
- if (unlikely(num_test_devs + 1) < 0) {
+ if (num_test_devs == INT_MAX) {
pr_err("reached limit of number of test devices\n");
goto out;
}
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] lib/test_kmod: Fix an integer overflow test
2018-01-22 10:27 [PATCH] lib/test_kmod: Fix an integer overflow test Dan Carpenter
@ 2018-02-24 2:59 ` Luis R. Rodriguez
2018-02-24 8:45 ` Dan Carpenter
0 siblings, 1 reply; 5+ messages in thread
From: Luis R. Rodriguez @ 2018-02-24 2:59 UTC (permalink / raw)
To: Dan Carpenter; +Cc: Luis R. Rodriguez, linux-kernel, kernel-janitors, cocci
On Mon, Jan 22, 2018 at 01:27:54PM +0300, Dan Carpenter wrote:
> The main problem is that the parentheses are in the wrong place and the
> unlikely() call returns either 0 or 1 so it's never less than zero.
Doh, thanks, yes. Seems worth considering a grammar rule for it.
> The other problem is that signed integer overflows like "INT_MAX + 1" are
> undefined behavior.
Likewise.
This seems like another possible generic typo issue. But I would not resolve it
the way you did, in this particular case below num_test_devs represents the
number of already registered devs, before we increment. So the way to resolve
this would be:
if (num_test_devs + 1 == INT_MAX)
I'll get this upstream, thanks!
Luis
> Fixes: d9c6a72d6fa2 ("kmod: add test driver to stress test the module loader")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/lib/test_kmod.c b/lib/test_kmod.c
> index e372b97eee13..30fd6d9e5361 100644
> --- a/lib/test_kmod.c
> +++ b/lib/test_kmod.c
> @@ -1141,7 +1141,7 @@ static struct kmod_test_device *register_test_dev_kmod(void)
> mutex_lock(®_dev_mutex);
>
> /* int should suffice for number of devices, test for wrap */
> - if (unlikely(num_test_devs + 1) < 0) {
> + if (num_test_devs == INT_MAX) {
> pr_err("reached limit of number of test devices\n");
> goto out;
> }
>
--
Luis Rodriguez, SUSE LINUX GmbH
Maxfeldstrasse 5; D-90409 Nuernberg
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] lib/test_kmod: Fix an integer overflow test
2018-02-24 2:59 ` Luis R. Rodriguez
@ 2018-02-24 8:45 ` Dan Carpenter
2018-02-24 22:06 ` Luis R. Rodriguez
0 siblings, 1 reply; 5+ messages in thread
From: Dan Carpenter @ 2018-02-24 8:45 UTC (permalink / raw)
To: Luis R. Rodriguez; +Cc: linux-kernel, kernel-janitors, cocci
On Sat, Feb 24, 2018 at 02:59:41AM +0000, Luis R. Rodriguez wrote:
> On Mon, Jan 22, 2018 at 01:27:54PM +0300, Dan Carpenter wrote:
> > The main problem is that the parentheses are in the wrong place and the
> > unlikely() call returns either 0 or 1 so it's never less than zero.
>
> Doh, thanks, yes. Seems worth considering a grammar rule for it.
>
> > The other problem is that signed integer overflows like "INT_MAX + 1" are
> > undefined behavior.
>
> Likewise.
>
> This seems like another possible generic typo issue. But I would not resolve it
> the way you did, in this particular case below num_test_devs represents the
> number of already registered devs, before we increment. So the way to resolve
> this would be:
>
> if (num_test_devs + 1 == INT_MAX)
>
> I'll get this upstream, thanks!
There is no issue if num_test_devs is INT_MAX. But capping it at
INT_MAX - 1 is also fine.
regards,
dan carpenter
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] lib/test_kmod: Fix an integer overflow test
2018-02-24 8:45 ` Dan Carpenter
@ 2018-02-24 22:06 ` Luis R. Rodriguez
2018-02-24 23:34 ` Dan Carpenter
0 siblings, 1 reply; 5+ messages in thread
From: Luis R. Rodriguez @ 2018-02-24 22:06 UTC (permalink / raw)
To: Dan Carpenter; +Cc: Luis R. Rodriguez, linux-kernel, kernel-janitors, cocci
On Sat, Feb 24, 2018 at 11:45:16AM +0300, Dan Carpenter wrote:
> On Sat, Feb 24, 2018 at 02:59:41AM +0000, Luis R. Rodriguez wrote:
> > On Mon, Jan 22, 2018 at 01:27:54PM +0300, Dan Carpenter wrote:
> > > The main problem is that the parentheses are in the wrong place and the
> > > unlikely() call returns either 0 or 1 so it's never less than zero.
> >
> > Doh, thanks, yes. Seems worth considering a grammar rule for it.
> >
> > > The other problem is that signed integer overflows like "INT_MAX + 1" are
> > > undefined behavior.
> >
> > Likewise.
> >
> > This seems like another possible generic typo issue. But I would not resolve it
> > the way you did, in this particular case below num_test_devs represents the
> > number of already registered devs, before we increment. So the way to resolve
> > this would be:
> >
> > if (num_test_devs + 1 == INT_MAX)
> >
> > I'll get this upstream, thanks!
>
> There is no issue if num_test_devs is INT_MAX. But capping it at
> INT_MAX - 1 is also fine.
If num_test_devs is INT_MAX, then doing num_test_devs + 1 overflows
and as you noted that is undefined?
Luis
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] lib/test_kmod: Fix an integer overflow test
2018-02-24 22:06 ` Luis R. Rodriguez
@ 2018-02-24 23:34 ` Dan Carpenter
0 siblings, 0 replies; 5+ messages in thread
From: Dan Carpenter @ 2018-02-24 23:34 UTC (permalink / raw)
To: Luis R. Rodriguez; +Cc: linux-kernel, kernel-janitors, cocci
On Sat, Feb 24, 2018 at 10:06:01PM +0000, Luis R. Rodriguez wrote:
> On Sat, Feb 24, 2018 at 11:45:16AM +0300, Dan Carpenter wrote:
> > On Sat, Feb 24, 2018 at 02:59:41AM +0000, Luis R. Rodriguez wrote:
> > > On Mon, Jan 22, 2018 at 01:27:54PM +0300, Dan Carpenter wrote:
> > > > The main problem is that the parentheses are in the wrong place and the
> > > > unlikely() call returns either 0 or 1 so it's never less than zero.
> > >
> > > Doh, thanks, yes. Seems worth considering a grammar rule for it.
> > >
> > > > The other problem is that signed integer overflows like "INT_MAX + 1" are
> > > > undefined behavior.
> > >
> > > Likewise.
> > >
> > > This seems like another possible generic typo issue. But I would not resolve it
> > > the way you did, in this particular case below num_test_devs represents the
> > > number of already registered devs, before we increment. So the way to resolve
> > > this would be:
> > >
> > > if (num_test_devs + 1 == INT_MAX)
> > >
> > > I'll get this upstream, thanks!
> >
> > There is no issue if num_test_devs is INT_MAX. But capping it at
> > INT_MAX - 1 is also fine.
>
> If num_test_devs is INT_MAX, then doing num_test_devs + 1 overflows
> and as you noted that is undefined?
If it's INT_MAX we never do "num_test_devs + 1", we return a NULL.
regards,
dan carpenter
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-02-24 23:34 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-22 10:27 [PATCH] lib/test_kmod: Fix an integer overflow test Dan Carpenter
2018-02-24 2:59 ` Luis R. Rodriguez
2018-02-24 8:45 ` Dan Carpenter
2018-02-24 22:06 ` Luis R. Rodriguez
2018-02-24 23:34 ` Dan Carpenter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).