]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4adf651) | patch
f2fs: fix several potential integer overflows in file offsets
authorNikita Zhandarovich <n.zhandarovich@fintech.ru>
Wed, 24 Jul 2024 17:28:38 +0000 (10:28 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 4 Oct 2024 14:29:54 +0000 (16:29 +0200)
commitb18a5c8382c80c6a3b25f16907ce0aca78cbc1ff
treed59ed7aab3721adf8d711a38710102ca478c3844tree | snapshot
parent4adf6514949f76bb6ae34403d1b5fa6a93499ecdcommit | diff
f2fs: fix several potential integer overflows in file offsets

commit 1cade98cf6415897bf9342ee451cc5b40b58c638 upstream.

When dealing with large extents and calculating file offsets by
summing up according extent offsets and lengths of unsigned int type,
one may encounter possible integer overflow if the values are
big enough.

Prevent this from happening by expanding one of the addends to
(pgoff_t) type.

Found by Linux Verification Center (linuxtesting.org) with static
analysis tool SVACE.

Fixes: d323d005ac4a ("f2fs: support file defragment")
Cc: stable@vger.kernel.org
Signed-off-by: Nikita Zhandarovich <n.zhandarovich@fintech.ru>
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/f2fs/extent_cache.c diff | blob | blame | history
fs/f2fs/file.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git