[PATCH 2/2] xfs_refcount: Preventing integer overflow

From: Andrey Shumilin
Date: Sat Mar 23 2024 - 02:26:30 EST

Next message: Qingfang Deng: "Re: [PATCH] riscv: Improve sbi_ecall() code generation by reordering arguments"
Previous message: Nick Bowler: "Re: [PATCH] fbdev: Select I/O-memory framebuffer ops for SBus"
Next in thread: Darrick J. Wong: "Re: [PATCH 2/2] xfs_refcount: Preventing integer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Multiplying variables can overflow the "overhead" variable.
To fix this, the variable type has been increased.
Next, a subtraction operation occurs with it,
but before that it is checked.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Andrey Shumilin <shum.sdl@xxxxxxxx>
---
fs/xfs/libxfs/xfs_refcount.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/xfs/libxfs/xfs_refcount.c b/fs/xfs/libxfs/xfs_refcount.c
index 511c912d515c..cbf07552eaff 100644
--- a/fs/xfs/libxfs/xfs_refcount.c
+++ b/fs/xfs/libxfs/xfs_refcount.c
@@ -1070,7 +1070,7 @@ static bool
xfs_refcount_still_have_space(
struct xfs_btree_cur *cur)
{
- unsigned long overhead;
+ unsigned long long overhead;

/*
* Worst case estimate: full splits of the free space and rmap btrees
--
2.30.2

Next message: Qingfang Deng: "Re: [PATCH] riscv: Improve sbi_ecall() code generation by reordering arguments"
Previous message: Nick Bowler: "Re: [PATCH] fbdev: Select I/O-memory framebuffer ops for SBus"
Next in thread: Darrick J. Wong: "Re: [PATCH 2/2] xfs_refcount: Preventing integer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]