author | 2011-11-06 12:10:04 +0000 | |
---|---|---|
committer | 2011-11-06 12:10:04 +0000 | |
commit | ace4fcad80cfa4453dbe1117f4ce79069c5edecf (patch) | |
tree | f1c6d43efa0ea1f993ce0b77e7f108ecc8c1dbaf | |
parent | .Ev -> .Dv (diff) | |
Document a non-obvious reason why something can't overflow.
Discussed with deraadt@
-rw-r--r-- | sys/kern/sys_generic.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c
index b7d741060f5..962645dba50 100644
--- a/sys/kern/sys_generic.c
+++ b/sys/kern/sys_generic.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sys_generic.c,v 1.72 2010/12/19 19:54:46 kettenis Exp $ */
+/* $OpenBSD: sys_generic.c,v 1.73 2011/11/06 12:10:04 guenther Exp $ */
 /* $NetBSD: sys_generic.c,v 1.24 1996/03/29 00:25:32 cgd Exp $ */
 /*
@@ -176,7 +176,8 @@ dofilereadv(struct proc *p, int fd, struct file *fp, const struct iovec *iovp,
 /*
 * Reads return ssize_t because -1 is returned on error.
 * Therefore we must restrict the length to SSIZE_MAX to
- * avoid garbage return values.
+ * avoid garbage return values. Note that the addition is
+ * guaranteed to not wrap because SSIZE_MAX * 2 < SIZE_MAX.
 */
 if (iov->iov_len > SSIZE_MAX || auio.uio_resid > SSIZE_MAX) {
 error = EINVAL;
@@ -329,7 +330,8 @@ dofilewritev(struct proc *p, int fd, struct file *fp, const struct iovec *iovp,
 /*
 * Writes return ssize_t because -1 is returned on error.
 * Therefore we must restrict the length to SSIZE_MAX to
- * avoid garbage return values.
+ * avoid garbage return values. Note that the addition is
+ * guaranteed to not wrap because SSIZE_MAX * 2 < SIZE_MAX.
 */
 if (iov->iov_len > SSIZE_MAX || auio.uio_resid > SSIZE_MAX) {
 error = EINVAL; |
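Review bot: The sentence added to the dofilereadv comment says the addition cannot wrap, but that holds only under two conditions the comment leaves implicit: the running `auio.uio_resid` was already held to SSIZE_MAX by this same test on the previous iovec, and the current `iov->iov_len` is itself within SSIZE_MAX. The addition lies outside the hunk (presumably just above the comment), so if it runs before the test, an oversized `iov_len` can still wrap the sum and is rejected only by the first clause of the `if`. These look like caller-supplied lengths on the readv path, so I would spell out the dependency so that nobody later reorders or drops a clause, e.g. `Both operands of the addition are <= SSIZE_MAX unless iov_len is oversized, which the first test below rejects; SSIZE_MAX * 2 < SIZE_MAX covers the rest.` The identical wording in the dofilewritev hunk needs the same change.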