On 17/10/2018 22:58, P J P wrote:
> From: Prasad J Pandit <p...@fedoraproject.org>
>
> The length parameter values are not negative, thus use an unsigned
> type 'size_t' for them. Many routines pass 'len' values to memcpy(3)
> calls. If it was negative, it could lead to memory corruption issues.

You are not fixing anything here; if the length was negative before, it would still overflow and it would now be a huge positive value.

So you have to first find out all places where something is subtracted from the length, and ensure it's okay or add assertions.

Then you have to check a much more important issue: places that use a fixed-size buffer such as vhci_host_send should range check len first, again with an assertion if needed.

Only then it makes sense to use size_t.

Paolo
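The point made in the reply above, as an added example that is not part of the original message and is not QEMU code: a negative length converted to size_t becomes a huge value, so any subtraction from the length and any copy into a fixed-size buffer needs its own range check. The names len_after_conversion, payload_len and send_checked, and the sizes PKT_BUF_SIZE and HDR_LEN, are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PKT_BUF_SIZE 64  /* hypothetical fixed buffer size */
#define HDR_LEN      4   /* hypothetical header length */

/* A negative int passed to a size_t parameter is converted, not rejected. */
static size_t len_after_conversion(int len)
{
    return (size_t)len;  /* -1 becomes SIZE_MAX */
}

/* Subtracting from an unsigned length wraps unless it is checked first. */
static int payload_len(size_t len, size_t *out)
{
    if (len < HDR_LEN)
        return -1;       /* len - HDR_LEN would wrap to a huge value */
    *out = len - HDR_LEN;
    return 0;
}

/* Copy into a fixed-size buffer behind a type byte, range checking len first. */
static int send_checked(uint8_t type, const uint8_t *data, size_t len,
                        uint8_t buf[PKT_BUF_SIZE])
{
    if (len > PKT_BUF_SIZE - 1)
        return -1;       /* would overflow buf; an assert() could go here */
    buf[0] = type;
    memcpy(buf + 1, data, len);
    return 0;
}

int main(void)
{
    uint8_t buf[PKT_BUF_SIZE], data[PKT_BUF_SIZE] = {0};  /* constructed input */
    size_t n = 0;
    int ok = len_after_conversion(-1) == SIZE_MAX
          && payload_len(2, &n) == -1
          && send_checked(1, data, len_after_conversion(-1), buf) == -1
          && send_checked(1, data, PKT_BUF_SIZE - 1, buf) == 0;
    return ok ? 0 : 1;
}
```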