This is a note to let you know that I've just added the patch titled
fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
to the 5.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
fs-ntfs3-avoid-ubsan-error-on-true_sectors_per_clst.patch
and it can be found in the queue-5.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit 6139c395189723d4dbcae0e43d1e18b5ff90132c
Author: Shigeru Yoshida <syoshida@xxxxxxxxxx>
Date: Tue Aug 23 23:46:25 2022 +0900
fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
[ Upstream commit caad9dd8792a2622737b7273cb34835fd9536cd2 ]
syzbot reported UBSAN error as below:
[ 76.901829][ T6677] ================================================================================
[ 76.903908][ T6677] UBSAN: shift-out-of-bounds in fs/ntfs3/super.c:675:13
[ 76.905363][ T6677] shift exponent -247 is negative
This patch avoid this error.
Link: https://syzkaller.appspot.com/bug?id=b0299c09a14aababf0f1c862dd4ebc8ab9eb0179
Fixes: a3b774342fa7 (fs/ntfs3: validate BOOT sectors_per_clusters)
Cc: Author: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
Reported-by: syzbot+35b87c668935bb55e666@xxxxxxxxxxxxxxxxxxxxxxxxx
Signed-off-by: Shigeru Yoshida <syoshida@xxxxxxxxxx>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c
index f3b88c7e35f7..39b09f32f4db 100644
--- a/fs/ntfs3/super.c
+++ b/fs/ntfs3/super.c
@@ -672,7 +672,7 @@ static u32 true_sectors_per_clst(const struct NTFS_BOOT *boot)
if (boot->sectors_per_clusters <= 0x80)
return boot->sectors_per_clusters;
if (boot->sectors_per_clusters >= 0xf4) /* limit shift to 2MB max */
- return 1U << (0 - boot->sectors_per_clusters);
+ return 1U << -(s8)boot->sectors_per_clusters;
return -EINVAL;
}
