[PATCH] mm: fadvise: avoid signed integer overflow calculating offset
From: Sasha Levin
Date: Mon Dec 01 2014 - 23:04:38 EST
Both offset and len are signed integers who's overflow isn't defined. Use
unsigned addition to avoid the issue.
Signed-off-by: Sasha Levin <sasha.levin@xxxxxxxxxx>
---
mm/fadvise.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/fadvise.c b/mm/fadvise.c
index 3bcfd81d..762cb63 100644
--- a/mm/fadvise.c
+++ b/mm/fadvise.c
@@ -67,7 +67,7 @@ SYSCALL_DEFINE4(fadvise64_64, int, fd, loff_t, offset, loff_t, len, int, advice)
}
/* Careful about overflows. Len == 0 means "as much as possible" */
- endbyte = offset + len;
+ endbyte = offset + (u64)len;
if (!len || endbyte < len)
endbyte = -1;
else
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/