LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Wrong name

Wrong name

Posted Jan 17, 2008 12:29 UTC (Thu) by ms (subscriber, #41272)
In reply to: Wrong name by NAR
Parent article: A kernel security hole 

No no. The problem is these parameters should not have the same type.

(Log in to post comments)

Wrong name

Posted Jan 17, 2008 13:06 UTC (Thu) by BenHutchings (subscriber, #37955) [Link] 

They could be changed to enumerated types, but that wouldn't automatically help much because
conversion between integer and enumerated types is implicit in C. Perhaps sparse would have
caught it though.

Wrong name

Posted Jan 17, 2008 14:28 UTC (Thu) by nix (subscriber, #2304) [Link] 

It could have been made more obvious, and thus more likely to be rapidly spotted, by making
sure that FMODE_WRITE and MAY_WRITE had different *values* which overlapped with something
quite different in the other flag: but if that had been thought of, this bug would never have
happened because people would have been paying extra attention to it anyway.

Wrong name

Posted Jan 17, 2008 16:17 UTC (Thu) by tbellman (guest, #49983) [Link] 

Except that it wouldn't have helped.  The buggy code used FMODE_WRITE to check the bit in the
variable 'flag'; the correct code uses MAY_WRITE to check the bit in the variable 'acc_mode'.
The buggy code did use the correct access mechanisms for the variable it looked at, so no
amount of BDSM type control would have helped.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds