On Fri, 01 Jul 2016 12:46:39 +0200, Takashi Sakamoto wrote:
On Jul 1 2016 18:52, Takashi Iwai wrote:
Were I you, I would insert codes to evaluate the element of dimension info; i.e.
if (info->dimen.d[i] > 512) break;Here, 512 is the maximum number of members which an element can have. In this case, it's certainly an element of byte type.
It's superfluous. If info->count is already a sane value, it'd be enough to compare with this.
The info->count comes from userspace or each driver. It's dangerous to use it for avoiding arithmetic overflow.
Your function is to verify the dimen array. And for that, a sane info->count value is prerequisite. Otherwise how can you validate it at all...?
Hm.
There's a large difference between us for the design of this local function. You're interested in the result of calculation, while I consider about the soundness of whole members in the dimension info.
No, my code cares about each member's overflow, too. You just need to know how to detect the integer overflow more efficiently. It's a standard idiom.
Takashi