ceph: fix possible integer overflow in ceph_zero_objects()

[ Upstream commit 0abd87942e0c93964e93224836944712feba1d91 ]

In 'ceph_zero_objects', promote 'object_size' to 'u64' to avoid possible
integer overflow.

Compile tested only.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Dmitry Kandybka <d.kandybka@gmail.com>
Reviewed-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index f3fba3d27efa64d028f65d3ed1a5eb6086b07112..e92a10ba58b3fe6f18c3a78591f665890d72eb81 100644 (file)
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -2032,7 +2032,7 @@ static int ceph_zero_objects(struct inode *inode, loff_t offset, loff_t length)
        s32 stripe_unit = ci->i_layout.stripe_unit;
        s32 stripe_count = ci->i_layout.stripe_count;
        s32 object_size = ci->i_layout.object_size;
-       u64 object_set_size = object_size * stripe_count;
+       u64 object_set_size = (u64) object_size * stripe_count;
        u64 nearly, t;
 
        /* round offset up to next period boundary */