| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Nov 2023 13:06:27 +0300
From: Anastasia Belova <abelova@...ralinux.ru>
To: Anders Larsen <al@...rsen.net>
Cc: Anastasia Belova <abelova@...ralinux.ru>,
linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org
Subject: [PATCH] qnx4: add upcasting to avoid overflow
To avoid possible integer overflow in qnx4_statfs
cast literal to unsigned long. Otherwise multiplication
of two u32 may give a value that is outside of the range.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Anastasia Belova <abelova@...ralinux.ru>
---
fs/qnx4/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/qnx4/inode.c b/fs/qnx4/inode.c
index 6eb9bb369b57..4be8dba60567 100644
--- a/fs/qnx4/inode.c
+++ b/fs/qnx4/inode.c
@@ -133,7 +133,7 @@ static int qnx4_statfs(struct dentry *dentry, struct kstatfs *buf)
buf->f_type = sb->s_magic;
buf->f_bsize = sb->s_blocksize;
- buf->f_blocks = le32_to_cpu(qnx4_sb(sb)->BitMap->di_size) * 8;
+ buf->f_blocks = le32_to_cpu(qnx4_sb(sb)->BitMap->di_size) * 8ul;
buf->f_bfree = qnx4_count_free_blocks(sb);
buf->f_bavail = buf->f_bfree;
buf->f_namelen = QNX4_NAME_MAX;
--
2.30.2
Powered by blists - more mailing lists