Eric Dumazet wrote:
On Thu, 15 Nov 2007 13:41:54 +0100
Patrick McHardy <[EMAIL PROTECTED]> wrote:
+#define XT_TABLE_INFO_SZ (offsetof(struct xt_table_info, entries) \
+ + nr_cpu_ids * sizeof(char *))
/* overflow check */
- if (tmp.size >= (INT_MAX - sizeof(struct xt_table_info)) / NR_CPUS -
- SMP_CACHE_BYTES)
+ if (tmp.size >= INT_MAX / num_possible_cpus())
return -ENOMEM;
We need to make sure offsetof(struct xt_table_info, entries) +
nr_cpu_ids * sizeof(char *) doesn't overflow, so why doesn't it
use nr_cpu_ids here as well?
nr_cpu_ids is <= NR_CPUS, so XT_TABLE_INFO_SZ cannot overflow
Yes, but nr_cpu_ids is >= num_possible_cpus, which is what we're
using with your patch.
The 'overflow check' we do here is in fact not very usefull now
that we dont need to multiply tmp.size by NR_CPUS and potentially
overflow the result.
We can delete the test, because kmalloc()/vmalloc() will probably
fail gracefully if we ask too much memory.
You're right, I'll remove it. Thanks.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
