| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250730044348.133387-1-admin@mail.free-proletariat.dpdns.org> Date: Wed, 30 Jul 2025 13:43:47 +0900 From: kmpfqgdwxucqz9@...il.com To: David Sterba <dsterba@...e.com> Cc: linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org, KernelKraze <admin@...l.free-proletariat.dpdns.org> Subject: [PATCH 0/1] btrfs: strengthen integer overflow protection in batch allocation From: KernelKraze <admin@...l.free-proletariat.dpdns.org> Hi, This patch improves robustness in the btrfs filesystem by adding integer overflow protection during batch allocation in flush_dir_items_batch(). The improvement was identified during a systematic code review of kernel subsystems. Without proper bounds checking, theoretical integer overflow could occur with extremely large directory item counts. The fix implements proper overflow checking using the kernel's overflow detection helpers and adds a reasonable upper limit consistent with other btrfs batch operations. This has been compile-tested and the fix aligns with existing patterns in the btrfs codebase (log_delayed_insertion_items uses the same 195 limit). The patch passes checkpatch.pl with no errors or warnings. I've CC'd the btrfs maintainers for review. Thanks, KernelKraze KernelKraze (1): btrfs: add integer overflow protection to flush_dir_items_batch allocation fs/btrfs/tree-log.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) -- 2.48.1
Powered by blists - more mailing lists