PATCH: ctdb: buffer write beyond limits
Volker.Lendecke at SerNet.DE
Tue Feb 19 09:00:21 UTC 2019
On Tue, Feb 19, 2019 at 09:26:17AM +0100, swen wrote:
> On Mon, 2019-02-18 at 15:57 -0800, Jeremy Allison wrote:
> > On Mon, Feb 18, 2019 at 06:22:49PM +0100, swen via samba-technical
> > wrote:
> > >
> > This is *way* too complex to even understand as a comment.
> > Please just add the buffer overrun/overflow checks.
> > That way we *KNOW* it's safe and don't need to read
> > "War and Peace" to understand.
> > NAK until then !
> Next try...this time with explicit check.
> Please review and push if happy
No, this is not right. Please check every individual arithmetic
operation in isolation. First do the "+". Put the result into a temp
variable. Check that it did not overflow. Then either do the "-" and
check that it did not underflow. Or check that the minuend is larger
than the subtrahend and then do the subtraction. For example you might
take a look at tdb_expand_adjust() how we do these checks usually.
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: 0551-370000-0, mailto:kontakt at sernet.de
Gesch.F.: Dr. Johannes Loxen und Reinhild Jung
AG Göttingen: HR-B 2816 - http://www.sernet.de
More information about the samba-technical