[PATCH v1] netlink: Remove implicit 32-bit truncation in nla_memcmp

Ian Rogers posted 1 patch 1 week, 1 day ago
lib/nlattr.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
[PATCH v1] netlink: Remove implicit 32-bit truncation in nla_memcmp
Posted by Ian Rogers 1 week, 1 day ago
64-bit truncation to 32-bit can result in the sign of the truncated
value changing. The nla_memcmp function subtracts a 16-bit nla_len
from a size_t size and so this shouldn't occur, but the code looks
hazardous so change it to make the comparisons explicit and avoid a
truncated subtract.

Signed-off-by: Ian Rogers <irogers@google.com>
---
 lib/nlattr.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/nlattr.c b/lib/nlattr.c
index be9c576b6e2d..6e1c40dd11e3 100644
--- a/lib/nlattr.c
+++ b/lib/nlattr.c
@@ -854,12 +854,12 @@ EXPORT_SYMBOL(nla_memcpy);
 int nla_memcmp(const struct nlattr *nla, const void *data,
 			     size_t size)
 {
-	int d = nla_len(nla) - size;
+	u16 l = nla_len(nla);
 
-	if (d == 0)
-		d = memcmp(nla_data(nla), data, size);
+	if (l == size)
+		return memcmp(nla_data(nla), data, size);
 
-	return d;
+	return l > size ? 1 : -1;
 }
 EXPORT_SYMBOL(nla_memcmp);
 
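Review bot: the replacement return on the last changed line, `return l > size ? 1 : -1;`, narrows what callers get back. The old code returned the length difference held in `d`; the new code returns only 1 or -1 when the lengths differ, while the equal-length path still returns whatever memcmp() yields. If callers only test the result against zero this is fine, but the commit message should say so, and any function comment above nla_memcmp() that describes the return value should be updated to state that only the sign is meaningful.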
-- 
2.52.0.223.gf5cc29aaa4-goog
Re: [PATCH v1] netlink: Remove implicit 32-bit truncation in nla_memcmp
Posted by David Laight 1 week ago
On Tue,  9 Dec 2025 14:41:58 -0800
Ian Rogers <irogers@google.com> wrote:

> 64-bit truncation to 32-bit can result in the sign of the truncated
> value changing. The nla_memcmp function subtracts a 16-bit nla_len
> from a size_t size and so this shouldn't occur, but the code looks
> hazardous so change it to make the comparisons explicit and avoid a
> truncated subtract.
> 
> Signed-off-by: Ian Rogers <irogers@google.com>
> ---
>  lib/nlattr.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/lib/nlattr.c b/lib/nlattr.c
> index be9c576b6e2d..6e1c40dd11e3 100644
> --- a/lib/nlattr.c
> +++ b/lib/nlattr.c
> @@ -854,12 +854,12 @@ EXPORT_SYMBOL(nla_memcpy);
>  int nla_memcmp(const struct nlattr *nla, const void *data,
>  			     size_t size)
>  {
> -	int d = nla_len(nla) - size;
> +	u16 l = nla_len(nla);

Don't use u16 for locals.
Generates unnecessarily bad code.

	David

>  
> -	if (d == 0)
> -		d = memcmp(nla_data(nla), data, size);
> +	if (l == size)
> +		return memcmp(nla_data(nla), data, size);
>  
> -	return d;
> +	return l > size ? 1 : -1;
>  }
>  EXPORT_SYMBOL(nla_memcmp);
>
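Review bot: the new local in `u16 l = nla_len(nla);` still narrows implicitly, which is the pattern the commit message sets out to remove. Whatever nla_len() returns is cut to 16 bits with no cast or range check, and `l` is then promoted back to the width of `size` for both comparisons. Declaring the local with the type nla_len() returns, or as size_t after an explicit range check, keeps the comparison explicit and also addresses the code-generation objection raised above. A name such as `len` would read better than `l`.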