On 11/28/20 9:59 PM, Peter Maydell wrote: > On Fri, 27 Nov 2020 at 15:45, Philippe Mathieu-Daudé <phi...@redhat.com> > wrote: >> >> Hi, >> >> This is a simple attempt to avoid the following pattern: >> >> ssize_t pkt_size = get_pkt_size(); // returns errno >> >> // no check >> >> send_packet(size_t size=pkt_size); // size casted to unsigned >> // -> overflow > > "RFC" and "for-5.2" are not a great combination at this point :-(
"RFC" because I don't understand all the effects this assert can have. "for-5.2" because it was raised as a security bug, but I don't have access to the information, so I can not see the big picture. > What are the consequences if we don't put this patchset in 5.2? Jason suggested to postpone this. If this is security important, we can release a 5.2.1-stable tag early I suppose. Regards, Phil.
