| To: | xfs@xxxxxxxxxxx |
|---|---|
| Subject: | Integer truncation in fs/xfs/libxfs/xfs_da_btree.c |
| From: | Kristian <kbx@xxxxxxxxx> |
| Date: | Sun, 20 Dec 2015 13:36:22 +0100 |
| Delivered-to: | xfs@xxxxxxxxxxx |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 |
Hello, there is an integer truncation in fs/xfs/libxfs/xfs_da_btree.c +2081 /* account for newly allocated blocks in reserved blocks total */ args->total -= dp->i_d.di_nblocks - nblks; with the types: uint32 -= uint64 - uint64 On a hardened kernel with grsecurity enabled, this leads to a fault. https://forums.grsecurity.net/viewtopic.php?f=3&t=4346&sid=3200600c0faaab4bf8779a95c549a737 Is this intentional and safe? Regards Kristian |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [PATCH] XFS: Use a signed return type for suffix_kstrtoint(), SF Markus Elfring |
|---|---|
| Next by Date: | Re: [RFCv4 00/76] xfs: add reverse-mapping, reflink, and dedupe support, Brian Foster |
| Previous by Thread: | [PATCH] XFS: Use a signed return type for suffix_kstrtoint(), SF Markus Elfring |
| Next by Thread: | Re: Integer truncation in fs/xfs/libxfs/xfs_da_btree.c, Dave Chinner |
| Indexes: | [Date] [Thread] [Top] [All Lists] |