[PATCH] staging: gs_fpgaboot: add buffer overflow checks

Dan Carpenter dan.carpenter at oracle.com
Tue Jul 18 07:54:45 UTC 2017


On Mon, Jul 17, 2017 at 08:21:20PM -0400, Jacob von Chorus wrote:
> On Mon, Jul 17, 2017 at 10:53:25PM +0300, Dan Carpenter wrote:
> > > +	if (len + 1 > n) {
> > 
> > It's more idiomatic to say "if (len >= n)".  Plus that's a good habit
> 
> My reasoning behind using "((len + 1) > n)" is that len represents the length of
> the string without null-termination. "buf" is required to store a
> null-terminator on top of len. Using "len + 1" shows this requirement
> more clearly; I will add brackets around "len + 1" for emphasis.
> 

Don't get into the habit of saying len + 1 because you will end up
introducing integer overflows.  Also don't add useless parentheses.
Everyone who programs in C is used to NUL terminators, so it's not a new
concept which has to be explained.

regards,
dan carpenter
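
The wraparound this reply warns about, as an added example that is not part of the original message or the patch. It assumes `len` and `n` are `size_t` (the thread does not show their types); `copy_field` and the other function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: len and n are size_t; the thread does not show their types. */

/* Check as written in the quoted patch line; nonzero means "reject". */
static int rejects_plus_one(size_t len, size_t n)
{
	return len + 1 > n;	/* len + 1 wraps to 0 when len == SIZE_MAX */
}

/* Form suggested in the reply: no addition, so nothing can wrap. */
static int rejects_ge(size_t len, size_t n)
{
	return len >= n;
}

/* Hypothetical helper: copy len bytes into buf[n] and NUL-terminate. */
static int copy_field(char *buf, size_t n, const char *src, size_t len)
{
	if (len >= n)
		return -1;	/* no room for len bytes plus the NUL */
	memcpy(buf, src, len);
	buf[len] = '\0';
	return 0;
}

/* Count constructed boundary lengths on which the two checks disagree. */
static int count_disagreements(size_t n)
{
	const size_t lens[] = { 0, n - 1, n, n + 1, SIZE_MAX - 1, SIZE_MAX };
	int diff = 0;

	for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++) {
		if (rejects_plus_one(lens[i], n) != rejects_ge(lens[i], n)) {
			printf("len=%zu n=%zu: checks disagree\n", lens[i], n);
			diff++;
		}
	}
	return diff;
}

int main(void)
{
	char buf[4];
	printf("copy ok=%d, disagreements=%d\n", copy_field(buf, sizeof(buf), "abc", 3), count_disagreements(16));
	return 0;
}
```

The two checks agree on every length except the maximum value of the type, where `len + 1` wraps to 0 and the first form accepts a length that cannot fit.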


