| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220408234707.2562835-1-khazhy@google.com>
Date: Fri, 8 Apr 2022 16:47:07 -0700
From: Khazhismel Kumykov <khazhy@...gle.com>
To: Jens Axboe <axboe@...nel.dk>
Cc: linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
Khazhismel Kumykov <khazhy@...gle.com>
Subject: [PATCH] block/compat_ioctl: fix range check in BLKGETSIZE
kernel ulong and compat_ulong_t may not be same width. Use type directly
to eliminate mismatches.
This would result in truncation rather than EFBIG for 32bit mode for
large disks.
Signed-off-by: Khazhismel Kumykov <khazhy@...gle.com>
---
block/ioctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Noticed this one was sitting in my "not landed yet" pile, third time's
the charm? :)
diff --git a/block/ioctl.c b/block/ioctl.c
index 4a86340133e4..959e93a90b29 100644
--- a/block/ioctl.c
+++ b/block/ioctl.c
@@ -629,7 +629,7 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg)
return compat_put_long(argp,
(bdev->bd_disk->bdi->ra_pages * PAGE_SIZE) / 512);
case BLKGETSIZE:
- if (bdev_nr_sectors(bdev) > ~0UL)
+ if (bdev_nr_sectors(bdev) > ~((compat_ulong_t)0UL))
return -EFBIG;
return compat_put_ulong(argp, bdev_nr_sectors(bdev));
--
2.35.1.1178.g4f1659d476-goog
Powered by blists - more mailing lists