diff options
| author | Nikita Zhandarovich <n.zhandarovich@fintech.ru> | 2024-07-24 10:28:38 -0700 |
|---|---|---|
| committer | Jaegeuk Kim <jaegeuk@kernel.org> | 2024-08-05 20:18:35 +0000 |
| commit | 1cade98cf6415897bf9342ee451cc5b40b58c638 (patch) | |
| tree | 176635c2f140f6ce3b147e77d663f70d13998d73 /fs/f2fs/file.c | |
| parent | 47f268f33dff4a5e31541a990dc09f116f80e61c (diff) | |
| download | linux-1cade98cf6415897bf9342ee451cc5b40b58c638.tar.gz linux-1cade98cf6415897bf9342ee451cc5b40b58c638.tar.bz2 linux-1cade98cf6415897bf9342ee451cc5b40b58c638.zip | |
f2fs: fix several potential integer overflows in file offsets
When dealing with large extents and calculating file offsets by
summing up according extent offsets and lengths of unsigned int type,
one may encounter possible integer overflow if the values are
big enough.
Prevent this from happening by expanding one of the addends to
(pgoff_t) type.
Found by Linux Verification Center (linuxtesting.org) with static
analysis tool SVACE.
Fixes: d323d005ac4a ("f2fs: support file defragment")
Cc: stable@vger.kernel.org
Signed-off-by: Nikita Zhandarovich <n.zhandarovich@fintech.ru>
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Diffstat (limited to 'fs/f2fs/file.c')
| -rw-r--r-- | fs/f2fs/file.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 168f08507004..c598cfe5e0ed 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -2710,7 +2710,7 @@ static int f2fs_defragment_range(struct f2fs_sb_info *sbi, * block addresses are continuous. */ if (f2fs_lookup_read_extent_cache(inode, pg_start, &ei)) { - if (ei.fofs + ei.len >= pg_end) + if ((pgoff_t)ei.fofs + ei.len >= pg_end) goto out; } |