Re: nfs_super_set_maxbytes patch

On Thu, Mar 17, 2016 at 7:13 AM, Alexey Dvoichenkov <xale@xxxxxxxxxxxxxx> wrote:
> Hello. I've found a small bug in what appears to be the maximum file
> size handling code.
>
> The problem here, as far as I understand, is that casting from an
> unsigned type to a signed type, when the latter cannot represent the
> arithmetic value of the former, is UB. In practice, under the PaX size
> overflow protection, this code crashes when mounting from FreeBSD
> servers that send "all ones" in the size field.
>
> Not sure I'm doing things right with the list and I'm not subscribed, so
> please CC.
>
> The fix should look something like this:
>
> --- fs/nfs/internal.h.orig      2015-11-02 10:05:25.000000000 +1000
> +++ fs/nfs/internal.h   2016-01-02 03:19:04.599120855 +1000
> @@ -612,9 +612,9 @@
>  static inline
>  void nfs_super_set_maxbytes(struct super_block *sb, __u64 maxfilesize)
>  {
> +       if (maxfilesize > MAX_LFS_FILESIZE || maxfilesize == 0)
> +               maxfilesize = MAX_LFS_FILESIZE;
>         sb->s_maxbytes = (loff_t)maxfilesize;
> -       if (sb->s_maxbytes > MAX_LFS_FILESIZE || sb->s_maxbytes <= 0)
> -               sb->s_maxbytes = MAX_LFS_FILESIZE;
>  }
>
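
Review bot: The new clamp at the top of nfs_super_set_maxbytes() has no comment saying why it now runs before the `(loff_t)` cast; a one-line comment would help, noting that a server can report a size that loff_t cannot represent, so the value is limited while it is still a __u64. The test `maxfilesize > MAX_LFS_FILESIZE` also compares a __u64 against the constant the old code compared with the signed s_maxbytes; writing `(__u64)MAX_LFS_FILESIZE` would make the intended unsigned comparison explicit. The `== 0` arm preserves the zero case of the removed `<= 0` test, and sizes that used to come out negative after the cast are now caught by the `>` arm, which the commit message should state so the change reads as behaviour-preserving.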

Why are we having to change _correct_ code in order to work with a
checking tool?

Trond
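
The two orderings discussed in this thread, side by side in userspace C (an added example, not kernel code and not written by either poster). It assumes a signed 64-bit loff_t and a limit of LLONG_MAX; the demo_/DEMO_ names and the sample sizes are constructed for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Assumptions for this demo: signed 64-bit offset type, limit of LLONG_MAX. */
typedef long long demo_loff_t;
#define DEMO_MAX_LFS_FILESIZE ((demo_loff_t)LLONG_MAX)

/* Ordering before the patch: convert first, then range-check the signed value.
 * For inputs above LLONG_MAX the converted value is implementation-defined in
 * ISO C; GCC and Clang wrap modulo 2^64, producing a negative number that the
 * "<= 0" test then replaces with the limit. */
static demo_loff_t maxbytes_cast_then_check(uint64_t maxfilesize)
{
    demo_loff_t v = (demo_loff_t)maxfilesize;
    if (v > DEMO_MAX_LFS_FILESIZE || v <= 0)
        v = DEMO_MAX_LFS_FILESIZE;
    return v;
}

/* Ordering in the patch: clamp while still unsigned, so the value handed to
 * the cast is always representable in the signed type. */
static demo_loff_t maxbytes_check_then_cast(uint64_t maxfilesize)
{
    if (maxfilesize > (uint64_t)DEMO_MAX_LFS_FILESIZE || maxfilesize == 0)
        maxfilesize = (uint64_t)DEMO_MAX_LFS_FILESIZE;
    return (demo_loff_t)maxfilesize;
}

/* Returns how many constructed sample sizes the two orderings disagree on. */
static int count_disagreements(void)
{
    /* Constructed inputs, including the "all ones" size from the report. */
    const uint64_t samples[] = {
        0, 1, 4096, (uint64_t)LLONG_MAX, (uint64_t)LLONG_MAX + 1, UINT64_MAX
    };
    int bad = 0;
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        demo_loff_t a = maxbytes_cast_then_check(samples[i]);
        demo_loff_t b = maxbytes_check_then_cast(samples[i]);
        printf("%#llx -> %lld / %lld\n", (unsigned long long)samples[i], a, b);
        if (a != b)
            bad++;
    }
    return bad;
}

int main(void) { return count_disagreements(); }
```

Only the second function keeps every conversion in range, which is the property a cast-instrumenting checker looks at; the resulting values are the same on compilers that wrap.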