On 22.03.2024 14:39, Stewart Hildebrand wrote:
> On 3/19/24 09:26, Jan Beulich wrote:
>> At least XENMEM_memory_exchange can have huge values passed in the
>> nr_extents and nr_exchanged fields. Adding such values to pointers can
>> overflow, resulting in UB. Cast respective pointers to "unsigned l
On 3/19/24 09:26, Jan Beulich wrote:
> At least XENMEM_memory_exchange can have huge values passed in the
> nr_extents and nr_exchanged fields. Adding such values to pointers can
> overflow, resulting in UB. Cast respective pointers to "unsigned long"
Why not uintptr_t?
At least XENMEM_memory_exchange can have huge values passed in the
nr_extents and nr_exchanged fields. Adding such values to pointers can
overflow, resulting in UB. Cast respective pointers to "unsigned long"
while at the same time making the necessary multiplication explicit.
Remaining arithmetic
