[PATCH 1/2] drm/i915: fix integer overflow in i915_gem_execbuffer2()

Chris Wilson chris at chris-wilson.co.uk
Fri Apr 6 12:40:12 PDT 2012


On Fri, 6 Apr 2012 14:17:41 -0400, Xi Wang <xi.wang at gmail.com> wrote:
> On Apr 6, 2012, at 10:44 AM, Chris Wilson wrote:
> 
> > That I agreed with, I just disagree with how you chose to handle it.
> > Rather than continue on and attempt to vmalloc a large array we should
> > just fail the ioctl with EINVAL.
> 
> Why an attempt to vmalloc?  The overflow check in drm_malloc_ab()
> will simply return NULL and fail the ioctl with -ENOMEM.

It's an invalid value for the ioctl and should be treated as such, not
making ENOMEM more ambiguous.
-Chris

-- 
Chris Wilson, Intel Open Source Technology Centre


More information about the dri-devel mailing list