Bug 458350
| Summary: | fs/cifs/asn1.c:403: warning: comparison is always false due to limited range of data type | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise MRG | Reporter: | Luis Claudio R. Goncalves <lgoncalv> | ||||||
| Component: | realtime-kernel | Assignee: | Eugene Teo (Security Response) <eteo> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | |||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | 1.0 | CC: | bhu, davids, eteo, williams | ||||||
| Target Milestone: | 1.0.3 | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2008-10-07 19:20:34 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
It should be:
if (size < 2 || size > UINT_MAX/sizeof(unsigned long))
return 0;
Upstream commit: 04e1e0cccade330ab3715ce59234f7e3b087e246
[20:26] (__lc) <__lc> net/ipv4/netfilter/nf_nat_snmp_basic.c:447: warning:
comparison is always false due to limited range of data type
[20:27] (__lc) hey, the very same code:
[20:27] (__lc) if (size < 2 || size > ULONG_MAX/sizeof(unsigned long))
We need this included. Looks like it's not patched in upstream, so I'm sending a patch there too.
(In reply to comment #2) > [20:26] (__lc) <__lc> net/ipv4/netfilter/nf_nat_snmp_basic.c:447: warning: > comparison is always false due to limited range of data type > [20:27] (__lc) hey, the very same code: > [20:27] (__lc) if (size < 2 || size > ULONG_MAX/sizeof(unsigned long)) > > We need this included. Looks like it's not patched in upstream, so I'm sending > a patch there too. Jan Beulich submitted it, so it's in a queue now. Created attachment 313781 [details]
Proposed backported patch
(In reply to comment #4) > (In reply to comment #2) > > [20:26] (__lc) <__lc> net/ipv4/netfilter/nf_nat_snmp_basic.c:447: warning: > > comparison is always false due to limited range of data type > > [20:27] (__lc) hey, the very same code: > > [20:27] (__lc) if (size < 2 || size > ULONG_MAX/sizeof(unsigned long)) > > > > We need this included. Looks like it's not patched in upstream, so I'm sending > > a patch there too. > > Jan Beulich submitted it, so it's in a queue now. Luis, so, the upstream took David's patch instead. So the fix for above is slightly different. Please see 252815b0cfe711001eff0327872209986b36d490. Also, just for reference, the upstream commit for fs/cifs/asn1.c warning is 04e1e0cccade330ab3715ce59234f7e3b087e246. Thanks. Created attachment 314438 [details]
Proposed backported patch
Added a patch to -79 to keep us in sync with upstream... An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2008-0857.html |
Description of problem: From fs/cifs/asn1.c line 403: ... unsigned int size; ... if (size < 2 || size > ULONG_MAX/sizeof(unsigned long)) return 0; ... That lead to: 1. Second half of comparison is always false, so the upper limit is not really tested and 2. This compile time warning: fs/cifs/asn1.c:403: warning: comparison is always false due to limited range of data type Version-Release number of selected component (if applicable): Observed in 2.6.24.7-75.el5rt