Re: [PATCH] hugetlbfs: Fix integer overflow check in hugetlbfs_file_mmap()
From: Alexey Dobriyan
Date: Mon Jul 10 2023 - 05:03:53 EST
> --- a/fs/hugetlbfs/inode.c
> +++ b/fs/hugetlbfs/inode.c
> @@ -157,7 +157,7 @@ static int hugetlbfs_file_mmap(struct file *file, struct vm_area_struct *vma)
> vma_len = (loff_t)(vma->vm_end - vma->vm_start);
> len = vma_len + ((loff_t)vma->vm_pgoff << PAGE_SHIFT);
> /* check for overflow */
> - if (len < vma_len)
> + if (vma_len > LLONG_MAX - ((loff_t)vma->vm_pgoff << PAGE_SHIFT))
> return -EINVAL;
Proper fix is to make everything unsigned probably.