Re: [PATCH v3 4/7] sysctl: Add sysctl interface for querying PCI topology

[Robert Elz <kre%munnari.OZ.AU@localhost>]

    Date:        Mon,  9 Feb 2015 15:04:32 -0500
    From:        Boris Ostrovsky <boris.ostrovsky%oracle.com@localhost>
    Message-ID:  <1423512275-6531-5-git-send-email-boris.ostrovsky%oracle.com@localhost>


  | +        num_devs = ti->num_devs - ti->first_dev;
  | +
  | +        if ( guest_handle_is_null(ti->devs) ||
  | +             guest_handle_is_null(ti->nodes) ||
  | +             (num_devs <= 0) )
  | +        {
  | +            ret = -EINVAL;
  | +            break;
  | +        }

Does that need a check that ti->first_dev <= ti_num_devs ?

(that is aside from the issue of subtracting one uint from another and hoping
that you'll get a negative signed int if the one subtracted is bigger).

The (num_devs <= 0) test (even if it works - which it should on most
rational architectures) isn't good enough, as it is possible to subtract
a very big uint from a very small unit and end up with an int that is
positive (and potentially, very big, consider (32bit): 2 - 0x80000001).

So, replace the (num_devs <= 0) test by (ti->first_dev <= ti->num_devs)  ??

Or possibly include both tests, just in case ti->num_devs is very large and
ti->first_dev is small (like 0) and when the large unsigned is converted
to signed, it becomes negative - or is all of this just too impossible
to worry about?

kre