On Mon, Jul 3, 2023 at 5:42 AM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
>
> On Mon, Jul 03, 2023 at 01:37:22PM +0200, Arnd Bergmann wrote:
> > From: Arnd Bergmann <arnd@xxxxxxxx>
> >
> > The overflow check in xdr_stream_decode_uint32_array() was added for
> > 32-bit systems, but on 64-bit builds it causes a build warning when
> > building with clang and W=1:
> >
> > In file included from init/do_mounts.c:22:
> > include/linux/sunrpc/xdr.h:778:10: error: result of comparison of constant 4611686018427387903 with expression of type '__u32' (aka 'unsigned int') is always false [-Werror,-Wtautological-constant-out-of-range-compare]
> > 778 | if (len > SIZE_MAX / sizeof(*p))
> >
> > Shut up the warning with a type cast.
> >
> > Fixes: 23a9dbbe0faf1 ("NFSD: prevent integer overflow on 32 bit systems")
> > Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
> > ---
> > include/linux/sunrpc/xdr.h | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h
> > index f89ec4b5ea169..6736121ee6a03 100644
> > --- a/include/linux/sunrpc/xdr.h
> > +++ b/include/linux/sunrpc/xdr.h
> > @@ -775,7 +775,7 @@ xdr_stream_decode_uint32_array(struct xdr_stream *xdr,
> >
> > if (unlikely(xdr_stream_decode_u32(xdr, &len) < 0))
> > return -EBADMSG;
> > - if (len > SIZE_MAX / sizeof(*p))
> > + if ((size_t)len > SIZE_MAX / sizeof(*p))
> > return -EBADMSG;
> > p = xdr_inline_decode(xdr, len * sizeof(*p));
>
> I sent a patch for this last week that takes a different approach.
>
> https://lore.kernel.org/all/2390fdc8-13fa-4456-ab67-44f0744db412@moroto.mountain/
>
> I probably should have used a Fixes tag just for informational purposes.
I have a slight preference for retaining the existing error handling
here, but am happy to have 2 fixes in hand rather than 0; thank you
both for your time looking at this.
Reviewed-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
>
> regards,
> dan carpenter
>
--
Thanks,
~Nick Desaulniers
