From: Dan Carpenter Date: Wed, 13 Apr 2016 06:40:59 +0000 (+0300) Subject: btrfs: send: silence an integer overflow warning X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f5ecec3ce21f706e9e7a330b2e8e5a2941927b46;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git btrfs: send: silence an integer overflow warning The "sizeof(*arg->clone_sources) * arg->clone_sources_count" expression can overflow. It causes several static checker warnings. It's all under CAP_SYS_ADMIN so it's not that serious but lets silence the warnings. Signed-off-by: Dan Carpenter Reviewed-by: David Sterba Signed-off-by: David Sterba --- diff --git a/fs/btrfs/send.c b/fs/btrfs/send.c index 8d358c547c59..ec433795fa71 100644 --- a/fs/btrfs/send.c +++ b/fs/btrfs/send.c @@ -5978,6 +5978,12 @@ long btrfs_ioctl_send(struct file *mnt_file, void __user *arg_) goto out; } + if (arg->clone_sources_count > + ULLONG_MAX / sizeof(*arg->clone_sources)) { + ret = -EINVAL; + goto out; + } + if (!access_ok(VERIFY_READ, arg->clone_sources, sizeof(*arg->clone_sources) * arg->clone_sources_count)) {