summaryrefslogtreecommitdiffstats
path: root/fs/exec.c
diff options
context:
space:
mode:
authorXi Wang <xi.wang@gmail.com>2013-01-11 14:31:48 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2013-01-11 14:54:55 -0800
commit6d92d4f6a74766cc885b18218268e0c47fbca399 (patch)
tree9feb7c205f8062ffc1982948d2ffc446cbf94a6b /fs/exec.c
parent7964c06d66c76507d8b6b662bffea770c29ef0ce (diff)
downloadlinux-6d92d4f6a74766cc885b18218268e0c47fbca399.tar.gz
linux-6d92d4f6a74766cc885b18218268e0c47fbca399.tar.bz2
linux-6d92d4f6a74766cc885b18218268e0c47fbca399.zip
fs/exec.c: work around icc miscompilation
The tricky problem is this check: if (i++ >= max) icc (mis)optimizes this check as: if (++i > max) The check now becomes a no-op since max is MAX_ARG_STRINGS (0x7FFFFFFF). This is "allowed" by the C standard, assuming i++ never overflows, because signed integer overflow is undefined behavior. This optimization effectively reverts the previous commit 362e6663ef23 ("exec.c, compat.c: fix count(), compat_count() bounds checking") that tries to fix the check. This patch simply moves ++ after the check. Signed-off-by: Xi Wang <xi.wang@gmail.com> Cc: Jason Baron <jbaron@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/exec.c')
-rw-r--r--fs/exec.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 18c45cac368f..20df02c1cc70 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -434,8 +434,9 @@ static int count(struct user_arg_ptr argv, int max)
if (IS_ERR(p))
return -EFAULT;
- if (i++ >= max)
+ if (i >= max)
return -E2BIG;
+ ++i;
if (fatal_signal_pending(current))
return -ERESTARTNOHAND;