| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Oct 2019 13:43:15 +0100
From: Colin King <colin.king@...onical.com>
To: Alexander Viro <viro@...iv.linux.org.uk>,
Jens Axboe <axboe@...nel.dk>, linux-fsdevel@...r.kernel.org
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH][next] io-wq: fix unintentional integer overflow on left shift
From: Colin Ian King <colin.king@...onical.com>
Shifting the integer value 1U is evaluated with type unsigned int
using 32-bit arithmetic and then used in an expression that expects
a 64-bit value, so there is potentially an integer overflow. Fix this
by using the BIT_ULL macro to perform the shift and avoid the overflow.
Addresses-Coverity: ("Unintentional integer overflow")
Fixes: 46134db8fdc5 ("io-wq: small threadpool implementation for io_uring")
Signed-off-by: Colin Ian King <colin.king@...onical.com>
---
fs/io-wq.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/io-wq.c b/fs/io-wq.c
index 35e94792d47c..ea5d37193f31 100644
--- a/fs/io-wq.c
+++ b/fs/io-wq.c
@@ -228,8 +228,8 @@ static struct io_wq_work *io_get_next_work(struct io_wqe *wqe, unsigned *hash)
/* hashed, can run if not already running */
*hash = work->flags >> IO_WQ_HASH_SHIFT;
- if (!(wqe->hash_map & (1U << *hash))) {
- wqe->hash_map |= (1U << *hash);
+ if (!(wqe->hash_map & BIT_ULL(*hash))) {
+ wqe->hash_map |= BIT_ULL(*hash);
list_del(&work->list);
return work;
}
--
2.20.1
Powered by blists - more mailing lists