On Wed, Mar 24, 2021 at 11:43 AM Ira Weiny <ira.we...@intel.com> wrote:
>
> On Wed, Mar 24, 2021 at 03:16:35PM +0100, Robert Richter wrote:
> > Typically the mem_commands[] array is in sync with 'enum { CXL_CMDS }'.
> > Current code works well.
> >
> > However, the array size of mem_commands[] may not strictly be the same
> > as CXL_MEM_COMMAND_ID_MAX. E.g. if a new CXL_CMD() is added that is
> > guarded by #ifdefs, the array could be shorter. This could lead then
> > further to an out-of-bounds array access in cxl_validate_cmd_from_user().
> >
> > Fix this by forcing the array size to CXL_MEM_COMMAND_ID_MAX. This
> > also adds range checks for array items in mem_commands[] at compile
> > time.
>
> Can't we use ARRAY_SIZE?An ARRAY_SIZE() check in cxl_validate_cmd_from_user() would work too, but it wouldn't give the compiler protection that Robert mentions for going the other way where mem_commands tries to add an entry that is out of bounds relative to CXL_CMDS.
