19 May
2022
19 May
'22
8:29 p.m.
On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:
Variable sel is of unsigned int type, so sel < 0 is not required.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
val = (val >> mc->shift) & mask;
- if (sel < 0 || sel > mc->max)
- if (sel > mc->max)
The check needs to be moved, not removed. The userspace ABI allows passing in of negative values.