fs/ntfs3: Fix a couple integer overflows on 32bit systems
authorDan Carpenter <dan.carpenter@linaro.org>
Sun, 16 Feb 2025 20:52:00 +0000 (23:52 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 10 Apr 2025 12:37:33 +0000 (14:37 +0200)
[ Upstream commit 5ad414f4df2294b28836b5b7b69787659d6aa708 ]

On 32bit systems the "off + sizeof(struct NTFS_DE)" addition can
have an integer wrapping issue.  Fix it by using size_add().

Fixes: 82cae269cfa9 ("fs/ntfs3: Add initialization of super block")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
fs/ntfs3/index.c

index 9089c58a005ce1b51d0ec291f1dbc6f4b4b0d153..28aae6ea1e615eac9f52dfc415ba6b9aee83f4ec 100644 (file)
@@ -618,7 +618,7 @@ static bool index_hdr_check(const struct INDEX_HDR *hdr, u32 bytes)
        u32 off = le32_to_cpu(hdr->de_off);
 
        if (!IS_ALIGNED(off, 8) || tot > bytes || end > tot ||
-           off + sizeof(struct NTFS_DE) > end) {
+           size_add(off, sizeof(struct NTFS_DE)) > end) {
                /* incorrect index buffer. */
                return false;
        }
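Review bot: The saturating `size_add()` in the index_hdr_check() condition still lets a wrapped offset through on a 32-bit build if `end` is itself SIZE_MAX, because the sum saturates to SIZE_MAX and `SIZE_MAX > end` is then false. Whether `end` can reach that value depends on the `tot > bytes` bound and on declarations above the hunk, so this is probably unreachable but cannot be confirmed from these lines. A subtraction form has no such edge case: `off > end || end - off < sizeof(struct NTFS_DE)`. The same condition is repeated in the second hunk (context `fill_table:`), just before `e = Add2Ptr(hdr, off);`, and would take the same change. If size_add() is kept, a short comment such as `/* size_add() saturates, so a wrapped off cannot pass on 32-bit */` would keep a later cleanup from reverting it to plain addition; both functions start and end outside their hunks.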
@@ -736,7 +736,7 @@ fill_table:
        if (end > total)
                return NULL;
 
-       if (off + sizeof(struct NTFS_DE) > end)
+       if (size_add(off, sizeof(struct NTFS_DE)) > end)
                return NULL;
 
        e = Add2Ptr(hdr, off);