PATCH: ctdb: buffer write beyond limits
Martin Schwenke
martin at meltin.net
Wed Feb 20 02:50:59 UTC 2019
On Tue, 19 Feb 2019 12:37:18 +0100, swen via samba-technical
<samba-technical at lists.samba.org> wrote:
> On Tue, 2019-02-19 at 11:53 +0100, Volker Lendecke wrote:
> > On Tue, Feb 19, 2019 at 11:02:18AM +0100, Volker Lendecke via samba-
> > technical wrote:
> > > On Tue, Feb 19, 2019 at 10:53:41AM +0100, swen wrote:
> [...]
> [...]
> [...]
> > >
> > > No, I do not agree. There is a simple boiler plate to do a checked
> > > addition, and a simple boiler plate to do checked subtraction.
> > > Please
> > > do it that way.
> >
> > More explanation: I do not agree because it is really simple to get
> > these lines right on their own respect. And having to read a 4-entry
> > proof referencing code elsewhere where it's easy to make to code safe
> > in an isolated manner.
> >
> > The crash was introduced through patches that did not affect this MIN
> > statement at all. This means that the environment can change, and the
> > assumptions that you refer to in bullet point 3 might change, causing
> > the code to crash again. In this kind of code we have to check every
> > individual arithmetic operation in isolation.
> >
> > Attached find something that I did in 10 minutes. Please crush it if
> > you think your approach is better.
>
> Ok, I surrender !
>
> Please review and push if happy.
Reviewed-by: Martin Schwenke <martin at meltin.net>
Another team reviewer please?
It would be good to push Christof's test with this. A couple of
comments coming in reply to that...
peace & happiness,
martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20190220/d533c9ab/attachment.sig>
More information about the samba-technical
mailing list