Integer truncation in fs/xfs/libxfs/xfs_da_btree.c

Kristian kbx at posteo.de
Sun Dec 20 06:36:22 CST 2015


Hello,

there is an integer truncation in

fs/xfs/libxfs/xfs_da_btree.c +2081

/* account for newly allocated blocks in reserved blocks total */
args->total -= dp->i_d.di_nblocks - nblks;

with the types: uint32 -= uint64 - uint64

On a hardened kernel with grsecurity enabled, this leads to a fault.

https://forums.grsecurity.net/viewtopic.php?f=3&t=4346&sid=3200600c0faaab4bf8779a95c549a737

Is this intentional and safe?

Regards

Kristian
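
The arithmetic in the statement quoted above, as an added example that is not part of the original message or of the XFS source. The function names and sample values are constructed, and the types are the ones the post states (uint32 -= uint64 - uint64).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Same shape as the statement in the post: uint32 -= uint64 - uint64.
 * The subtraction and the compound assignment are evaluated in 64 bits;
 * the result is then reduced modulo 2^32 when stored back into total. */
static uint32_t account_unchecked(uint32_t total, uint64_t nblocks_after,
                                  uint64_t nblocks_before)
{
    total -= nblocks_after - nblocks_before;
    return total;
}

/* Checked variant (hypothetical helper): refuses the update instead of
 * silently wrapping or dropping the upper 32 bits. */
static bool account_checked(uint32_t *total, uint64_t nblocks_after,
                            uint64_t nblocks_before)
{
    uint64_t delta;

    if (nblocks_after < nblocks_before)
        return false;           /* 64-bit difference would wrap */
    delta = nblocks_after - nblocks_before;
    if (delta > *total)
        return false;           /* result would go below zero */
    *total -= (uint32_t)delta;  /* safe: delta <= *total <= UINT32_MAX */
    return true;
}

int main(void)
{
    uint32_t t = 2;

    /* Constructed values: 3 new blocks against a reservation of 10. */
    printf("%u\n", account_unchecked(10, 1003, 1000));
    /* Reservation smaller than the delta: wraps to UINT32_MAX. */
    printf("%u\n", account_unchecked(2, 1003, 1000));
    /* Delta of 2^32 + 3: the upper 32 bits are dropped on the store. */
    printf("%u\n", account_unchecked(10, (1ULL << 32) + 3, 0));
    /* The checked variant rejects the second case and leaves t alone. */
    printf("%d %u\n", account_checked(&t, 1003, 1000), t);
    return 0;
}
```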


