| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Jan 2024 14:53:48 -0500 From: Sasha Levin <sashal@...nel.org> To: linux-kernel@...r.kernel.org, stable@...r.kernel.org Cc: Christoph Hellwig <hch@....de>, Johannes Thumshirn <johannes.thumshirn@....com>, Jens Axboe <axboe@...nel.dk>, Sasha Levin <sashal@...nel.org>, linux-block@...r.kernel.org Subject: [PATCH AUTOSEL 6.1 49/68] block: prevent an integer overflow in bvec_try_merge_hw_page From: Christoph Hellwig <hch@....de> [ Upstream commit 3f034c374ad55773c12dd8f3c1607328e17c0072 ] Reordered a check to avoid a possible overflow when adding len to bv_len. Signed-off-by: Christoph Hellwig <hch@....de> Reviewed-by: Johannes Thumshirn <johannes.thumshirn@....com> Link: https://lore.kernel.org/r/20231204173419.782378-2-hch@lst.de Signed-off-by: Jens Axboe <axboe@...nel.dk> Signed-off-by: Sasha Levin <sashal@...nel.org> --- block/bio.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/block/bio.c b/block/bio.c index 9ec72a78f114..832de693a44b 100644 --- a/block/bio.c +++ b/block/bio.c @@ -927,7 +927,7 @@ static bool bio_try_merge_hw_seg(struct request_queue *q, struct bio *bio, if ((addr1 | mask) != (addr2 | mask)) return false; - if (bv->bv_len + len > queue_max_segment_size(q)) + if (len > queue_max_segment_size(q) - bv->bv_len) return false; return __bio_try_merge_page(bio, page, len, offset, same_page); } -- 2.43.0
Powered by blists - more mailing lists