xfs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[PATCH] xfs: avoid underflow in xfs_ioc_trim()

from [Lukas Czerner] [Permanent Link][Original]
To: xfs@xxxxxxxxxxx
Subject: [PATCH] xfs: avoid underflow in xfs_ioc_trim()
From: Lukas Czerner <lczerner@xxxxxxxxxx>
Date: Tue, 9 Oct 2012 14:15:45 +0200
Cc: david@xxxxxxxxxxxxx, Lukas Czerner <lczerner@xxxxxxxxxx> 
Currently if len argument in xfs_ioc_trim() is smaller than one BB
(basic block) the 'end' variable underflow. Avoid that by bailing out if
len is smaller than BB.

Signed-off-by: Lukas Czerner <lczerner@xxxxxxxxxx>
---
 fs/xfs/xfs_discard.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/fs/xfs/xfs_discard.c b/fs/xfs/xfs_discard.c
index 69cf4fc..54dc58a 100644
--- a/fs/xfs/xfs_discard.c
+++ b/fs/xfs/xfs_discard.c
@@ -183,8 +183,12 @@ xfs_ioc_trim(
            range.minlen > XFS_FSB_TO_B(mp, XFS_ALLOC_AG_MAX_USABLE(mp)))
                return -XFS_ERROR(EINVAL);
 
+       end = BTOBBT(range.len);
+       if (0 == end)
+               goto out;
+
        start = BTOBB(range.start);
-       end = start + BTOBBT(range.len) - 1;
+       end += start - 1;
        minlen = BTOBB(max_t(u64, granularity, range.minlen));
 
        if (end > XFS_FSB_TO_BB(mp, mp->m_sb.sb_dblocks) - 1)
@@ -203,6 +207,7 @@ xfs_ioc_trim(
        if (last_error)
                return last_error;
 
+out:
        range.len = XFS_FSB_TO_B(mp, blocks_trimmed);
        if (copy_to_user(urange, &range, sizeof(range)))
                return -XFS_ERROR(EFAULT);
-- 
1.7.7.6
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [PATCH] mm: Fix XFS oops due to dirty pages without buffers on s390, Martin Schwidefsky
Next by Date:  [PATCH] 260: Add another corner case where length is zero, Lukas Czerner
Previous by Thread:  Christmas USB Flash Drives for Promotion, feetek
Next by Thread:  Re: [PATCH] xfs: avoid underflow in xfs_ioc_trim(), Carlos Maiolino
Indexes:  [Date] [Thread] [Top] [All Lists]