2004-09-24 13:58:12

by Kirill Korotaev

Subject: [Q] possible proc inode numbers overflow?

fs/proc/generic.c:

#define PROC_DYNAMIC_FIRST 0xF0000000UL
static unsigned int get_inode_number(void)
{
    ...
    inum = (i & MAX_ID_MASK) + PROC_DYNAMIC_FIRST;

    /* inum will never be more than 0xf0ffffff, so no check
     * for overflow.
     */
    ...
}

Is it really correct? Looks like MAX_ID_MASK = 0x7FFFFFFF and
PROC_DYNAMIC_FIRST is 0xF0000000.

So at least the comment is wrong?

Kirill


2004-09-24 14:04:59

by William Lee Irwin III

Subject: Re: [Q] possible proc inode numbers overflow?

On Fri, Sep 24, 2004 at 06:10:39PM +0400, Kirill Korotaev wrote:
> fs/proc/generic.c:
> #define PROC_DYNAMIC_FIRST 0xF0000000UL
> static unsigned int get_inode_number(void)
> {
>     ...
>     inum = (i & MAX_ID_MASK) + PROC_DYNAMIC_FIRST;
>
>     /* inum will never be more than 0xf0ffffff, so no check
>      * for overflow.
>      */
>     ...
> }
> Is it really correct? Looks like MAX_ID_MASK = 0x7FFFFFFF and
> PROC_DYNAMIC_FIRST is 0xF0000000.
> So at least the comment is wrong?

The comment is wrong. Albert Cahalan and I are working on a new fix.


-- wli
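
The arithmetic questioned in this thread, as an added example (not kernel code and not written by either poster): a user-space model of the quoted line with the two constants as the thread gives them, showing where the 32-bit sum wraps. The function names and the checked variant are hypothetical and are not the fix mentioned in the reply.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants as given in the thread (MAX_ID_MASK is the value the poster reports). */
#define PROC_DYNAMIC_FIRST 0xF0000000UL
#define MAX_ID_MASK        0x7FFFFFFFUL

/* Model of the quoted line: the sum is truncated to a 32-bit unsigned int. */
static uint32_t inum_unchecked(uint32_t i)
{
    return (uint32_t)((i & MAX_ID_MASK) + PROC_DYNAMIC_FIRST);
}

/* Largest id whose inode number still fits in 32 bits. */
static uint32_t max_safe_id(void)
{
    return (uint32_t)(UINT32_MAX - PROC_DYNAMIC_FIRST);
}

/* Hypothetical checked variant: returns the inode number, or -1 if the
 * sum would wrap and land outside the dynamic range. */
static int64_t inum_checked(uint32_t i)
{
    uint64_t wide = (uint64_t)(i & MAX_ID_MASK) + PROC_DYNAMIC_FIRST;
    return wide > UINT32_MAX ? -1 : (int64_t)wide;
}

int main(void)
{
    /* Constructed sample ids around the wrap boundary. */
    const uint32_t ids[] = { 0x0, 0x00FFFFFF, 0x0FFFFFFF, 0x10000000, 0x7FFFFFFF };
    for (size_t k = 0; k < sizeof ids / sizeof ids[0]; k++)
        printf("id=0x%08x unchecked=0x%08x checked=%lld\n",
               (unsigned)ids[k], (unsigned)inum_unchecked(ids[k]),
               (long long)inum_checked(ids[k]));
    printf("max safe id = 0x%08x\n", (unsigned)max_safe_id());
    return 0;
}
```

The 0xf0ffffff bound in the comment holds only for ids up to 0x00FFFFFF; with the 0x7FFFFFFF mask, any id above 0x0FFFFFFF yields a wrapped value below PROC_DYNAMIC_FIRST.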