All of lore.kernel.org
 help / color / mirror / Atom feed
From: Saagar Jha <saagar@saagarjha.com>
To: linux-fsdevel@vger.kernel.org
Cc: kbuild-all@lists.01.org, viro@zeniv.linux.org.uk,
	kbuild test robot <lkp@intel.com>
Subject: Re: [PATCH v2] vfs: prevent signed overflow by using u64 over loff_t
Date: Tue, 14 Jan 2020 00:28:51 -0800	[thread overview]
Message-ID: <D0C172BE-3683-4E76-ADE8-F37E4B5B43DA@saagarjha.com> (raw)
In-Reply-To: <202001141531.7tVBJ9ap%lkp@intel.com>

Oops, I accidentally had accidentally added an extra parenthesis to my
patch; sorry about that. I think I fixed the issue now and I added the
"Reported-by" line to the new patch below. Is there anything else I need
to do?

Regards,
Saagar Jha

From 4867a403decc364c8b0f4cb533bce8419e070e06 Mon Sep 17 00:00:00 2001
From: Saagar Jha <saagar@saagarjha.com>
Date: Sun, 12 Jan 2020 21:46:28 -0800
Subject: [PATCH] vfs: prevent signed overflow by using u64 over loff_t

32-bit system calls taking a 64-bit offset that arrive as split over two
32-bit unsigned integers overflow the signed loff_t when shifted over by
32 bits. Using unsigned intermediate types fixes the undefined behavior.

Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Saagar Jha <saagar@saagarjha.com>
---
 fs/read_write.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/fs/read_write.c b/fs/read_write.c
index 5bbf587f5bc1..0f40eaa6c315 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -347,7 +347,7 @@ SYSCALL_DEFINE5(llseek, unsigned int, fd, unsigned long, offset_high,
 	if (whence > SEEK_MAX)
 		goto out_putf;
 
-	offset = vfs_llseek(f.file, ((loff_t) offset_high << 32) | offset_low,
+	offset = vfs_llseek(f.file, ((u64) offset_high << 32) | offset_low,
 			whence);
 
 	retval = (int)offset;
@@ -1250,7 +1250,7 @@ COMPAT_SYSCALL_DEFINE5(preadv, compat_ulong_t, fd,
 		const struct compat_iovec __user *,vec,
 		compat_ulong_t, vlen, u32, pos_low, u32, pos_high)
 {
-	loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+	loff_t pos = ((u64)pos_high << 32) | pos_low;
 
 	return do_compat_preadv64(fd, vec, vlen, pos, 0);
 }
@@ -1272,7 +1272,7 @@ COMPAT_SYSCALL_DEFINE6(preadv2, compat_ulong_t, fd,
 		compat_ulong_t, vlen, u32, pos_low, u32, pos_high,
 		rwf_t, flags)
 {
-	loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+	loff_t pos = ((u64)pos_high << 32) | pos_low;
 
 	if (pos == -1)
 		return do_compat_readv(fd, vec, vlen, flags);
@@ -1359,7 +1359,7 @@ COMPAT_SYSCALL_DEFINE5(pwritev, compat_ulong_t, fd,
 		const struct compat_iovec __user *,vec,
 		compat_ulong_t, vlen, u32, pos_low, u32, pos_high)
 {
-	loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+	loff_t pos = ((u64)pos_high << 32) | pos_low;
 
 	return do_compat_pwritev64(fd, vec, vlen, pos, 0);
 }
@@ -1380,7 +1380,7 @@ COMPAT_SYSCALL_DEFINE6(pwritev2, compat_ulong_t, fd,
 		const struct compat_iovec __user *,vec,
 		compat_ulong_t, vlen, u32, pos_low, u32, pos_high, rwf_t, flags)
 {
-	loff_t pos = ((loff_t)pos_high << 32) | pos_low;
+	loff_t pos = ((u64)pos_high << 32) | pos_low;
 
 	if (pos == -1)
 		return do_compat_writev(fd, vec, vlen, flags);
-- 
2.24.1



  reply	other threads:[~2020-01-14  8:28 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-13  6:40 [PATCH] vfs: prevent signed overflow by using u64 over loff_t Saagar Jha
2020-01-14  7:54 ` kbuild test robot
2020-01-14  7:54   ` kbuild test robot
2020-01-14  8:28   ` Saagar Jha [this message]
2020-01-16 15:21 ` kbuild test robot
2020-01-16 15:21   ` kbuild test robot
2020-01-17  9:58   ` Saagar Jha

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=D0C172BE-3683-4E76-ADE8-F37E4B5B43DA@saagarjha.com \
    --to=saagar@saagarjha.com \
    --cc=kbuild-all@lists.01.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.