Re: [PATCH v2] xfs: fix possible overflow in xfs_ioc_trim()

[Christoph Hellwig <hch@xxxxxxxxxxxxx>]

On Wed, Sep 07, 2011 at 12:05:14PM +0200, Lukas Czerner wrote:
> > > + if (len > max_blks)
> > > +         len = max_blks - start;
> > 
> > Is this really the correct check?
> > 
> > Shouldn't it be
> > 
> >     if (start + len > max_blks)
> >             len = max_blks - start;
> > 
> > I'd also just use the mp->m_sb.sb_dblocks value directly instead
> > of assigning it to a local variable.
> > 
> 
> Agh, you're right. I am bit too hasty I guess. I thought that
> 
> if (start_agno >= mp->m_sb.sb_agcount)
>       return -XFS_ERROR(EINVAL);
> 
> will cover us from the unreasonably big start, however if the file
> system has really huge number of AGs than it will fail to prevent the
> overflow, I am not sure if that is possible to happen, but what you
> proposed is definitely better.

The problem is that start could be very far into the fs, so checking
len alone won't help very much.  And we probably want a check if 
start + len is overflowing, too.

Care to update the test case to cover these cases as well?