From 3b1cdc9fddcae5d92fcebc1f859453fb05020a0c Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen@sandeen.net>
Date: Thu, 3 Dec 2009 13:20:54 -0600
Subject: [PATCH] xfs_io: don't assign cvtnum() return to unsigned var

cvtnum() returns -1LL for unparseable values, but if we
assign to a signed var, we can't test it:

There are problems in fadvise, mincore & madvise.

xfs_io> mincore 0 xxx
range (0:0) is beyond mapping (0:1048576)

For mincore & madvise, se a temporary signed var so we
can detect the error:

xfs_io> mincore 0 xxx
non-numeric length argument -- xxx

and also test whether it may overflow a size_t for
mincore & madvise.

For fadvise, posix_fadvise64 wants an off_t anyway so just
switch to that.

Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
Reviewed-by: Christoph Hellwig <hch@lst.de>
---
 io/fadvise.c |  3 +--
 io/madvise.c | 13 +++++++++----
 io/mincore.c | 13 +++++++++----
 3 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/io/fadvise.c b/io/fadvise.c
index b5ab65227..5a76ebb23 100644
--- a/io/fadvise.c
+++ b/io/fadvise.c
@@ -52,8 +52,7 @@ fadvise_f(
 	int		argc,
 	char		**argv)
 {
-	off64_t		offset = 0;
-	size_t		length = 0;
+	off64_t		offset = 0, length = 0;
 	int		c, range = 0, advise = POSIX_FADV_NORMAL;
 
 	while ((c = getopt(argc, argv, "dnrsw")) != EOF) {
diff --git a/io/madvise.c b/io/madvise.c
index 694cd415c..cd16a4cb0 100644
--- a/io/madvise.c
+++ b/io/madvise.c
@@ -52,7 +52,7 @@ madvise_f(
 	int		argc,
 	char		**argv)
 {
-	off64_t		offset;
+	off64_t		offset, llength;
 	size_t		length;
 	void		*start;
 	int		advise = MADV_NORMAL, c;
@@ -89,12 +89,17 @@ madvise_f(
 			return 0;
 		}
 		optind++;
-		length = cvtnum(blocksize, sectsize, argv[optind]);
-		if (length < 0) {
+		llength = cvtnum(blocksize, sectsize, argv[optind]);
+		if (llength < 0) {
 			printf(_("non-numeric length argument -- %s\n"),
 				argv[optind]);
 			return 0;
-		}
+		} else if (llength > (size_t)llength) {
+			printf(_("length argument too large -- %lld\n"),
+				llength);
+			return 0;
+		} else
+			length = (size_t)llength;
 	} else {
 		return command_usage(&madvise_cmd);
 	}
diff --git a/io/mincore.c b/io/mincore.c
index f863f8480..d53454083 100644
--- a/io/mincore.c
+++ b/io/mincore.c
@@ -30,7 +30,7 @@ mincore_f(
 	int		argc,
 	char		**argv)
 {
-	off64_t		offset;
+	off64_t		offset, llength;
 	size_t		length;
 	size_t		blocksize, sectsize;
 	void		*start;
@@ -49,12 +49,17 @@ mincore_f(
 				argv[1]);
 			return 0;
 		}
-		length = cvtnum(blocksize, sectsize, argv[2]);
-		if (length < 0) {
+		llength = cvtnum(blocksize, sectsize, argv[2]);
+		if (llength < 0) {
 			printf(_("non-numeric length argument -- %s\n"),
 				argv[2]);
 			return 0;
-		}
+		} else if (llength > (size_t)llength) {
+			printf(_("length argument too large -- %lld\n"),
+				llength);
+			return 0;
+		} else
+			length = (size_t)llength;
 	} else {
 		return command_usage(&mincore_cmd);
 	}
-- 
2.47.2