From: Saagar Jha <saagar@saagarjha.com>
To: linux-fsdevel@vger.kernel.org
Cc: kbuild-all@lists.01.org, viro@zeniv.linux.org.uk,
kbuild test robot <lkp@intel.com>
Subject: Re: [PATCH v2] vfs: prevent signed overflow by using u64 over loff_t
Date: Tue, 14 Jan 2020 00:28:51 -0800
Message-ID: <D0C172BE-3683-4E76-ADE8-F37E4B5B43DA@saagarjha.com>
In-Reply-To: <202001141531.7tVBJ9ap%lkp@intel.com>
Oops, I had accidentally added an extra parenthesis to my
patch; sorry about that. I think I fixed the issue now and I added the
"Reported-by" line to the new patch below. Is there anything else I need
to do?
Regards,
Saagar Jha
From 4867a403decc364c8b0f4cb533bce8419e070e06 Mon Sep 17 00:00:00 2001
From: Saagar Jha <saagar@saagarjha.com>
Date: Sun, 12 Jan 2020 21:46:28 -0800
Subject: [PATCH] vfs: prevent signed overflow by using u64 over loff_t
32-bit system calls taking a 64-bit offset that arrive as split over two
32-bit unsigned integers overflow the signed loff_t when shifted over by
32 bits. Using unsigned intermediate types fixes the undefined behavior.
Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Saagar Jha <saagar@saagarjha.com>
---
fs/read_write.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/read_write.c b/fs/read_write.c
index 5bbf587f5bc1..0f40eaa6c315 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -347,7 +347,7 @@ SYSCALL_DEFINE5(llseek, unsigned int, fd, unsigned long, offset_high,
if (whence > SEEK_MAX)
goto out_putf;
- offset = vfs_llseek(f.file, ((loff_t) offset_high << 32) | offset_low,
+ offset = vfs_llseek(f.file, ((u64) offset_high << 32) | offset_low,
whence);
retval = (int)offset;
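Review bot: in the llseek hunk, offset_high and offset_low are declared `unsigned long` in the SYSCALL_DEFINE5 line, while the commit message describes two 32-bit unsigned integers. Where unsigned long is 64 bits wide, `(u64) offset_high << 32` silently discards the upper half of offset_high, and the OR with offset_low can then overwrite the high word. Consider saying in the commit message or a comment that both arguments are expected to carry only 32 significant bits, or masking them explicitly. Minor style point: this line keeps the space in `(u64) offset_high`, while the compat hunks use `(u64)pos_high`.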
@@ -1250,7 +1250,7 @@ COMPAT_SYSCALL_DEFINE5(preadv, compat_ulong_t, fd,
const struct compat_iovec __user *,vec,
compat_ulong_t, vlen, u32, pos_low, u32, pos_high)
{
- loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+ loff_t pos = ((u64)pos_high << 32) | pos_low;
return do_compat_preadv64(fd, vec, vlen, pos, 0);
}
@@ -1272,7 +1272,7 @@ COMPAT_SYSCALL_DEFINE6(preadv2, compat_ulong_t, fd,
compat_ulong_t, vlen, u32, pos_low, u32, pos_high,
rwf_t, flags)
{
- loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+ loff_t pos = ((u64)pos_high << 32) | pos_low;
if (pos == -1)
return do_compat_readv(fd, vec, vlen, flags);
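Review bot: the `if (pos == -1)` test directly after the changed line in preadv2 now depends on the implicit u64 to loff_t conversion in the initializer turning the all-ones value into -1. An out-of-range unsigned to signed conversion is implementation-defined in C rather than undefined, so this is an improvement over the signed shift, but the conversion is no longer visible where the sentinel check relies on it. An explicit cast such as `loff_t pos = (loff_t)(((u64)pos_high << 32) | pos_low);` or a one-line comment would make the check easier to verify.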
@@ -1359,7 +1359,7 @@ COMPAT_SYSCALL_DEFINE5(pwritev, compat_ulong_t, fd,
const struct compat_iovec __user *,vec,
compat_ulong_t, vlen, u32, pos_low, u32, pos_high)
{
- loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+ loff_t pos = ((u64)pos_high << 32) | pos_low;
return do_compat_pwritev64(fd, vec, vlen, pos, 0);
}
@@ -1380,7 +1380,7 @@ COMPAT_SYSCALL_DEFINE6(pwritev2, compat_ulong_t, fd,
const struct compat_iovec __user *,vec,
compat_ulong_t, vlen, u32, pos_low, u32, pos_high, rwf_t, flags)
{
- loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+ loff_t pos = ((u64)pos_high << 32) | pos_low;
if (pos == -1)
return do_compat_writev(fd, vec, vlen, flags);
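Review bot: this pwritev2 line is the fourth copy of `((u64)pos_high << 32) | pos_low` in the patch (preadv, preadv2, pwritev, pwritev2). A small static inline helper that takes the two u32 halves and returns loff_t would keep the cast in one place and make it harder for a later caller to reintroduce the signed shift.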
--
2.24.1