diff options
| author | Dmitry Kandybka <d.kandybka@gmail.com> | 2025-04-22 12:32:04 +0300 |
|---|---|---|
| committer | Ilya Dryomov <idryomov@gmail.com> | 2025-06-01 17:53:16 +0200 |
| commit | 0abd87942e0c93964e93224836944712feba1d91 (patch) | |
| tree | 9c2b50c23e81e6acaaceec9590b1ee48cff7f39e | |
| parent | ceph: avoid kernel BUG for encrypted inode with unaligned file size (diff) | |
| download | linux-0abd87942e0c93964e93224836944712feba1d91.tar.gz linux-0abd87942e0c93964e93224836944712feba1d91.zip | |
ceph: fix possible integer overflow in ceph_zero_objects()
In 'ceph_zero_objects', promote 'object_size' to 'u64' to avoid possible
integer overflow.
Compile tested only.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Dmitry Kandybka <d.kandybka@gmail.com>
Reviewed-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
| -rw-r--r-- | fs/ceph/file.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/ceph/file.c b/fs/ceph/file.c index 851d70200c6b..a7254cab44cc 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -2616,7 +2616,7 @@ static int ceph_zero_objects(struct inode *inode, loff_t offset, loff_t length) s32 stripe_unit = ci->i_layout.stripe_unit; s32 stripe_count = ci->i_layout.stripe_count; s32 object_size = ci->i_layout.object_size; - u64 object_set_size = object_size * stripe_count; + u64 object_set_size = (u64) object_size * stripe_count; u64 nearly, t; /* round offset up to next period boundary */ |