lseek - integer overflow

The issue was introduced in PR (https://github.com/lxc/lxc/pull/1705):

Previous code:
```
  if (lseek(fd, size, SEEK_SET) < 0) {
    SYSERROR("Error seeking to set new loop file size");
    close(fd);
    return -1;
  }
```
New code:
```
  int fd, ret;

  [...]

  ret = lseek(fd, size, SEEK_SET);
  if (ret < 0) {
    SYSERROR("Failed to seek to set new loop file size for loop "
       "file \"%s\"", path);
    close(fd);
    return -1;
  }
```

Based on http://man7.org/linux/man-pages/man2/lseek.2.html:
> Upon successful completion, lseek() returns the resulting offset
> location as measured in bytes from the beginning of the file.

So in this case value of `size` and `size` is `uint64_t`.

This fix change declaration of `ret`, but it can be fixed in other ways.
Let me know what works for you.

This PR fix issues (https://github.com/lxc/lxc/issues/1872).

Signed-off-by: Lukasz Jagiello <lukasz@wikia-inc.com>

diff --git a/src/lxc/storage/loop.c b/src/lxc/storage/loop.c
index c4d393452584b1e4aeab3ae676025d9f4a255956..fa538654880d2f1ea2432ab7b89ab85d95cfae26 100644 (file)
--- a/src/lxc/storage/loop.c
+++ b/src/lxc/storage/loop.c
@@ -297,6 +297,7 @@ int loop_umount(struct lxc_storage *bdev)
 static int do_loop_create(const char *path, uint64_t size, const char *fstype)
 {
        int fd, ret;
+       off_t ret_size;
        char cmd_output[MAXPATHLEN];
        const char *cmd_args[2] = {fstype, path};
 
@@ -307,8 +308,8 @@ static int do_loop_create(const char *path, uint64_t size, const char *fstype)
                return -1;
        }
 
-       ret = lseek(fd, size, SEEK_SET);
-       if (ret < 0) {
+       ret_size = lseek(fd, size, SEEK_SET);
+       if (ret_size < 0) {
                SYSERROR("Failed to seek to set new loop file size for loop "
                         "file \"%s\"", path);
                close(fd);