projects / GitHub / exynos8895 / android_kernel_samsung_universal8895.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a114af8)
udf: Avoid overflow when session starts at large offset
authorJan Kara <jack@suse.cz>
Mon, 16 Oct 2017 09:38:11 +0000 (11:38 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 20 Dec 2017 09:05:01 +0000 (10:05 +0100)
[ Upstream commit abdc0eb06964fe1d2fea6dd1391b734d0590365d ]

When session starts beyond offset 2^31 the arithmetics in
udf_check_vsd() would overflow. Make sure the computation is done in
large enough type.

Reported-by: Cezary Sliwa <sliwa@ifpan.edu.pl>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/udf/super.c patch | blob | blame | history

diff --git a/fs/udf/super.c b/fs/udf/super.c
index 81155b9b445b3313cec45c89533bd1ea8027736e..ee09c97f3ab29ddec2ac140367a3ea879bec4657 100644 (file)
--- a/fs/udf/super.c
+++ b/fs/udf/super.c
@@ -705,7 +705,7 @@ static loff_t udf_check_vsd(struct super_block *sb)
        else
                sectorsize = sb->s_blocksize;
 
-       sector += (sbi->s_session << sb->s_blocksize_bits);
+       sector += (((loff_t)sbi->s_session) << sb->s_blocksize_bits);
 
        udf_debug("Starting at sector %u (%ld byte sectors)\n",
                  (unsigned int)(sector >> sb->s_blocksize_bits),