From: Stephen Hemminger
Subject: Re: [PATCH 2/3] virtio: fix Coverity unsigned warnings
Date: Mon, 31 Aug 2015 09:44:56 -0700
Message-ID: <20150831094456.739b2f65@urahara>
References: <1440779019-10793-1-git-send-email-stephen@networkplumber.org> <1440779019-10793-3-git-send-email-stephen@networkplumber.org>
To: "Ouyang, Changchun"
Cc: "dev@dpdk.org"

On Mon, 31 Aug 2015 01:38:44 +0000
"Ouyang, Changchun" wrote:

> Hi Stephen,
>
> > -----Original Message-----
> > From: Stephen Hemminger [mailto:stephen@networkplumber.org]
> > Sent: Saturday, August 29, 2015 12:24 AM
> > To: Xie, Huawei; Ouyang, Changchun
> > Cc: dev@dpdk.org; Stephen Hemminger
> > Subject: [PATCH 2/3] virtio: fix Coverity unsigned warnings
> >
> > There are some places in virtio driver where uint16_t or int are used where it
> > would be safer to use unsigned.
>
> Why will it be safer?

Integer to unsigned conversion risks bugs about sign extension and wrap around.
There is a whole class of security-related bug possibilities caused by
just this kind of thing.

In this case the code is hidden behind layers which make it unlikely
to be exploitable, but as a general policy it is best not to use signed
types unless absolutely necessary. That is why tools like Coverity are so
picky about this.
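
The sign-extension and wrap-around hazards named in the reply above, shown as an added C example that is not part of the original message or of the DPDK virtio patch. All function names, BUF_SIZE and the sample values are constructed for illustration; a 32-bit int is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BUF_SIZE 64u /* constructed buffer size, not taken from the driver */

/* Signed length: a negative value passes the upper-bound test. */
int check_len_signed(int len)
{
    return len <= (int)BUF_SIZE; /* -1 <= 64 is true */
}

/* What a size_t parameter (e.g. memcpy's) receives after int -> size_t. */
size_t as_copy_size(int len)
{
    return (size_t)len; /* -1 becomes SIZE_MAX */
}

/* Unsigned length: one comparison rejects the converted negative too. */
int check_len_unsigned(unsigned int len)
{
    return len <= BUF_SIZE;
}

/* Sign extension: widening a negative 16-bit value fills the high bits. */
uint32_t widen_signed(int16_t v)    { return (uint32_t)v; }
uint32_t widen_unsigned(uint16_t v) { return (uint32_t)v; }

/* uint16_t sum is computed as int, then silently truncated on store. */
uint16_t add_u16(uint16_t used, uint16_t n)
{
    return (uint16_t)(used + n);
}

/* Same sum kept in unsigned int so the limit test sees the true value. */
int fits_in_ring(uint16_t used, uint16_t n, unsigned int ring_size)
{
    return (unsigned int)used + n <= ring_size;
}

int main(void)
{
    printf("signed check(-1)=%d size=%zu unsigned check=%d\n",
           check_len_signed(-1), as_copy_size(-1),
           check_len_unsigned((unsigned int)-1));
    printf("widen: %#x vs %#x\n", (unsigned)widen_signed(-32768),
           (unsigned)widen_unsigned(0x8000));
    printf("add_u16=%u fits=%d\n", (unsigned)add_u16(65530, 10),
           fits_in_ring(65530, 10, 65535));
    return 0;
}
```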