Date: Tue, 27 Feb 2001 19:33:44 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: Jonathan Lemon <jlemon@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern sys_generic.c Message-ID: <Pine.BSF.4.21.0102271914070.24185-100000@besplex.bde.org> In-Reply-To: <200102270050.f1R0oKw66156@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 26 Feb 2001, Jonathan Lemon wrote: > jlemon 2001/02/26 16:50:20 PST > > Modified files: > sys/kern sys_generic.c > Log: > Cast nfds to u_int before range checking it in order to catch negative > values. > > PR: 25393 Wrong fix: 1. The cast may be unportable. It's not clear that it works for 1's complement, etc. 2. This hack shouldn't be used in new code. Just compare with 0 explicitly. If the cast would work, then the compiler should be capable optimizing away the comparison if that would be an optimization. gcc has done this for 10-15 years, at least on i386's. 3. poll() has passed an unsigned count, but the count has been corrupted by assigning it to an int. The correctness of all this depends on the cast to u_int converting back to the original value. Do you really want to know if all this works for 1's complement, etc? :-) The patch in the PR does this right (use the correct type for nfds so that things just work. This was broken in peter's recent changes (RELENG_4 still does the bounds check directly on the u_int in the struct. When I reviewed the changes, I stared a bit at the u_int in the struct, but I missed the use of the wrong type for the local vatriable :(. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102271914070.24185-100000>