Re: [PATCH] fs: btrfs: fix potential overflow

From: Brian Norris
Date: Tue Aug 26 2014 - 02:45:33 EST


On Sun, Aug 24, 2014 at 12:44:11PM +0300, Timofey Titovets wrote:
> 2014-08-24 8:41 GMT+03:00 Brian Norris <computeaboversforpeace@xxxxxxxxx>:
> > --- a/fs/btrfs/scrub.c
> > +++ b/fs/btrfs/scrub.c
> > @@ -2320,26 +2320,26 @@ static noinline_for_stack int scrub_stripe(struct scrub_ctx *sctx,
> > do_div(nstripes, map->stripe_len);
> > if (map->type & BTRFS_BLOCK_GROUP_RAID0) {
> > offset = map->stripe_len * num;
> > - increment = map->stripe_len * map->num_stripes;
> > + increment *= map->num_stripes;
> > mirror_num = 1;
> > } else if (map->type & BTRFS_BLOCK_GROUP_RAID10) {
> > int factor = map->num_stripes / map->sub_stripes;
> > offset = map->stripe_len * (num / map->sub_stripes);
> > - increment = map->stripe_len * factor;
> > + increment *= factor;
> > mirror_num = num % map->sub_stripes + 1;
> > } else if (map->type & BTRFS_BLOCK_GROUP_RAID1) {
> > - increment = map->stripe_len;
> > + increment *= 1;
> Why? I think multiple by one is useless or i miss something?

A misguided attempt to keep the code structure intact. I'll drop these
for v2.

[snip]

Thanks,
Brian
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/