[Drbd-dev] [patch] drbd: silence underflow warning in read_in_block()
Lars Ellenberg
lars.ellenberg at linbit.com
Wed May 7 12:22:19 CEST 2014
On Tue, May 06, 2014 at 02:28:32PM +0300, Dan Carpenter wrote:
> My static checker warns that "data_size" could be negative and underflow
> the limit check. The code looks suspicious but I don't know if it is a
> real bug.
"real life" bug only if you manage to receive corrupted data.
The maximum sent payload is DRBD_BIO_MAX_SIZE
which is an architecture independend constant (1U << 20).
Patch is correct, but while at it, we should revisit all "int data_size",
and make them all unsigned int...
Lars
>
> Signed-off-by: Dan Carpenter <dan.carpenter at oracle.com>
>
> diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> index b6c8aaf..15daf86d 100644
> --- a/drivers/block/drbd/drbd_receiver.c
> +++ b/drivers/block/drbd/drbd_receiver.c
> @@ -1528,7 +1528,7 @@ read_in_block(struct drbd_peer_device *peer_device, u64 id, sector_t sector,
> struct drbd_peer_request *peer_req;
> struct page *page;
> int dgs, ds, err;
> - int data_size = pi->size;
> + unsigned int data_size = pi->size;
> void *dig_in = peer_device->connection->int_dig_in;
> void *dig_vv = peer_device->connection->int_dig_vv;
> unsigned long *data;
More information about the drbd-dev
mailing list