19 May
2022
19 May
'22
8:49 p.m.
On 19.05.2022 20:29, Mark Brown wrote:
On Thu, May 19, 2022 at 08:10:12PM +0300, Alexey Khoroshilov wrote:
Variable sel is of unsigned int type, so sel < 0 is not required.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
val = (val >> mc->shift) & mask;
- if (sel < 0 || sel > mc->max)
- if (sel > mc->max)
The check needs to be moved, not removed. The userspace ABI allows passing in of negative values.
Would (sel > mc->max) be enough in this case anyway?
-- Alexey