Re: [PATCH v8 2/2] block: add overflow checks for Amiga partition support

Hi Geert,

saw this a minute too late - will resend again.

Cheers,

    Michael

On 23/08/22 09:03, Geert Uytterhoeven wrote:
Hi Michael,

On Mon, Aug 22, 2022 at 10:38 PM Michael Schmitz <schmitzmic@xxxxxxxxx> wrote:
On 11/08/22 23:40, Geert Uytterhoeven wrote:
On Tue, Jul 26, 2022 at 1:43 PM Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
On Tue, Jul 26, 2022 at 04:57:47PM +1200, Michael Schmitz wrote:
The Amiga partition parser module uses signed int for partition sector
address and count, which will overflow for disks larger than 1 TB.

Use u64 as type for sector address and size to allow using disks up to
2 TB without LBD support, and disks larger than 2 TB with LBD. The RBD
format allows to specify disk sizes up to 2^128 bytes (though native
OS limitations reduce this somewhat, to max 2^68 bytes), so check for
u64 overflow carefully to protect against overflowing sector_t.

Bail out if sector addresses overflow 32 bits on kernels without LBD
support.

This bug was reported originally in 2012, and the fix was created by
the RDB author, Joanne Dow <jdow@xxxxxxxxxxxxx>. A patch had been
discussed and reviewed on linux-m68k at that time but never officially
submitted (now resubmitted as separate patch).
This patch adds additional error checking and warning messages.

Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=43511
Reported-by: Martin Steigerwald <Martin@xxxxxxxxxxxx>
Message-ID: <201206192146.09327.Martin@xxxxxxxxxxxx>
Signed-off-by: Michael Schmitz <schmitzmic@xxxxxxxxx>
Reviewed-by: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
--- a/block/partitions/amiga.c
+++ b/block/partitions/amiga.c
                if (!data) {
-                     pr_err("Dev %s: unable to read RDB block %d\n",
-                            state->disk->disk_name, blk);
+                     pr_err("Dev %s: unable to read RDB block %llu\n",
+                            state->disk->disk_name, (u64) blk);
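
Review bot: the `(u64) blk` cast in the added pr_err() arguments is only justified if blk can be narrower than unsigned long long, and the declaration of blk is not in the visible lines; either drop the cast or state in the commit message which kernel versions need it. If the cast stays, write it as `(u64)blk`, since checkpatch --strict flags a space after a cast.
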
No need for the various printk casts, a sector_t is always an
unsigned long long.

That is true, as of commit 72deb455b5ec619f
("block: remove CONFIG_LBDAF") in v5.2.
Since 4.9, 4.14, and 4.19 are still receiving stable updates, the
cast should be re-added when this is backported.

Does this require a note in the commit message, or explicit CC to Greg?

According to [1], you should add

     Cc: <stable@xxxxxxxxxxxxxxx> # 5.2

[1] https://docs.kernel.org/process/stable-kernel-rules.html?highlight=prerequisites

Gr{oetje,eeting}s,

                         Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                 -- Linus Torvalds
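
The overflow described in the quoted commit message, as an added example that is not part of this thread or of the kernel patch: 32-bit sector arithmetic next to a checked 64-bit version. The struct, its field names, the cylinder-based geometry and the `max_sector` parameter (standing in for the width of sector_t) are assumptions made for illustration, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical geometry record; field names are illustrative only. */
struct geom {
	uint32_t low_cyl, high_cyl;     /* first and last cylinder */
	uint32_t heads, sects_per_trk;
	uint32_t blksize;               /* 512-byte sectors per block */
};

/* Unchecked 32-bit arithmetic: wraps, and is negative past 2^31 sectors (1 TB). */
static int32_t start_sect_32(const struct geom *g)
{
	uint32_t s = g->low_cyl * g->heads * g->sects_per_trk * g->blksize;
	return (int32_t)s;
}

/* Checked 64-bit arithmetic: returns false rather than a wrapped value.
 * max_sector is UINT32_MAX to model a 32-bit sector_t, UINT64_MAX otherwise. */
static bool part_extent(const struct geom *g, uint64_t max_sector,
			uint64_t *start, uint64_t *count)
{
	uint64_t per_cyl, ncyl;

	if (g->high_cyl < g->low_cyl)
		return false;
	ncyl = (uint64_t)g->high_cyl - g->low_cyl + 1;
	if (__builtin_mul_overflow((uint64_t)g->heads, g->sects_per_trk, &per_cyl) ||
	    __builtin_mul_overflow(per_cyl, g->blksize, &per_cyl) ||
	    __builtin_mul_overflow(per_cyl, g->low_cyl, start) ||
	    __builtin_mul_overflow(per_cyl, ncyl, count))
		return false;           /* product does not fit in 64 bits */
	/* the last sector of the partition must still be addressable */
	return *count != 0 && *start <= max_sector &&
	       *count - 1 <= max_sector - *start;
}

int main(void)
{
	struct geom g = { 2200000, 2300000, 16, 63, 1 };   /* constructed */
	uint64_t s, n;

	printf("32-bit start sector: %d\n", start_sect_32(&g));
	if (part_extent(&g, UINT32_MAX, &s, &n))
		printf("checked: start %llu, count %llu\n",
		       (unsigned long long)s, (unsigned long long)n);
	return 0;
}
```

`__builtin_mul_overflow` is a GCC and Clang builtin; the kernel has its own overflow helpers, which this example does not use.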