From: Alfred Perlstein (brightmu.org)
Date: Sat Sep 08 2001 - 12:17:02 CDT

    * Bruce Evans <bdezeta.org.au> [010908 12:15] wrote:
    > On Sat, 8 Sep 2001, Alfred Perlstein wrote:
    >
    > > * Andrew R. Reiter <arrwatson.org> [010908 05:44] wrote:
    > > > Hey,
    > > >
    > > > The attached code fixes the semop bug which is specified in the recent
    > > > NetBSD security announcement. I'm not positive about the naming scheme
    > > > wanted by all in terms of: size_t vs. unsigned int vs. unsigned. I made
    > > > it u_int b/c I saw in sysproto.h that there seemed to be more u_int's
    > > > instead of size_t's :-) Great logic.
    > >
    > > Uh, why don't you just compare the int arg against 0, if it's less than
    > > then just return EINVAL.
    >
    > The API apparently specified that it is unsigned (I checked the Linux
    > version). And don't use the hack of type punning the unsigned to int
    > (this part already happens) and checking for the int being less than 0
    > (this check is missing). We already use the hack of type punning an
    > int to an unsigned in too many places (readv, writev, ...).

    Wait, don't check against < 0? Ok, then how do we fix it?

    -- 
    -Alfred Perlstein [alfredfreebsd.org]
    'Instead of asking why a piece of software is using "1970s technology,"
    start asking why software is ignoring 30 years of accumulated wisdom.'
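
Added example, not part of the original thread or of the FreeBSD patch: a user-space C model of the bounds check under discussion, showing why an `int` count with only an upper-bound test lets a negative value through, while the same comparison on an unsigned count rejects it. `MAX_SOPS`, `struct sembuf_model` and both function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_SOPS 100  /* constructed limit standing in for the per-call cap */

/* Constructed stand-in for one semaphore operation record. */
struct sembuf_model { unsigned short sem_num; short sem_op; short sem_flg; };

/* Count held as int, upper bound only: the "< 0" check is missing. */
int check_nsops_signed(int nsops, size_t *copy_len)
{
    if (nsops > MAX_SOPS)
        return E2BIG;   /* errno semop() documents for too many operations */
    /* A negative nsops reaches this line; converting it to size_t
       turns the copy length into a huge value. */
    *copy_len = (size_t)nsops * sizeof(struct sembuf_model);
    return 0;
}

/* Count held as unsigned, as the API specifies: one comparison covers
   both ends, because "negative" inputs arrive as very large values. */
int check_nsops_unsigned(unsigned int nsops, size_t *copy_len)
{
    if (nsops > MAX_SOPS)
        return E2BIG;
    *copy_len = (size_t)nsops * sizeof(struct sembuf_model);
    return 0;
}

int main(void)
{
    size_t len = 0;
    int rc = check_nsops_signed(-1, &len);
    printf("signed   nsops=-1: rc=%d copy_len=%zu\n", rc, len);

    len = 0;
    rc = check_nsops_unsigned((unsigned int)-1, &len);
    printf("unsigned nsops=-1: rc=%d copy_len=%zu\n", rc, len);
    return 0;
}
```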
    
