xfs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[PATCH] xfs: prevent range.len underflow in xfs_ioc_trim()

from [Lukas Czerner] [Permanent Link][Original]
To: xfs@xxxxxxxxxxx
Subject: [PATCH] xfs: prevent range.len underflow in xfs_ioc_trim()
From: Lukas Czerner <lczerner@xxxxxxxxxx>
Date: Wed, 11 Dec 2013 13:05:25 +0100
Cc: Lukas Czerner <lczerner@xxxxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx 
Currently when range.len is set to 0 it will underflow. Fix it by
checking for this scenario and return EINVAL in case range.len is
smaller than block size.

This was discovered by the xfstests generic/288 and with this patch
the problem goes away.

Signed-off-by: Lukas Czerner <lczerner@xxxxxxxxxx>
---
 fs/xfs/xfs_discard.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/xfs/xfs_discard.c b/fs/xfs/xfs_discard.c
index 8367d6d..9029082 100644
--- a/fs/xfs/xfs_discard.c
+++ b/fs/xfs/xfs_discard.c
@@ -180,7 +180,8 @@ xfs_ioc_trim(
         * matter as trimming blocks is an advisory interface.
         */
        if (range.start >= XFS_FSB_TO_B(mp, mp->m_sb.sb_dblocks) ||
-           range.minlen > XFS_FSB_TO_B(mp, XFS_ALLOC_AG_MAX_USABLE(mp)))
+           range.minlen > XFS_FSB_TO_B(mp, XFS_ALLOC_AG_MAX_USABLE(mp)) ||
+           range.len < XFS_FSB_TO_B(mp, 1))
                return -XFS_ERROR(EINVAL);
 
        start = BTOBB(range.start);
-- 
1.8.3.1
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [PATCH 06/10 v2] xfs: format log items write directly into the linear CIL buffer, Christoph Hellwig
Next by Date:  Re: [PATCH] xfs: prevent range.len underflow in xfs_ioc_trim(), Jeff Liu
Previous by Thread:  [PATCH 06/10 v2] xfs: format log items write directly into the linear CIL buffer, Christoph Hellwig
Next by Thread:  Re: [PATCH] xfs: prevent range.len underflow in xfs_ioc_trim(), Jeff Liu
Indexes:  [Date] [Thread] [Top] [All Lists]