hi all, fs/cifs/inode.c:cifs_set_file_size can truncate iattr.ia_size from loff_t (long long) to unsigned int here: io_parms.length = attrs->ia_size; and i'm wondering if this is intentional. based on a quick read of the code, it seems that ia_size can at this point have a value over 4G (e.g., via a call to truncate) and the ->set_file_size callback will transmit the full 64 bit value however in case of specific failures a (fallback?) call to CIFSSMBWrite would be made with the truncated size. FTR, this issue was detected with the upcoming version of the size overflow plugin we have in PaX/grsecurity and there're a handful of similar cases in the tree where potentially unwanted or unnecessary integer truncations occur, this being one of these. any opinion/help is welcome! cheers, PaX Team -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
