* [PATCH] block: Fix potential overflow in blk_report_zones()
@ 2019-07-09 7:53 Damien Le Moal
2019-07-09 13:37 ` Christoph Hellwig
0 siblings, 1 reply; 3+ messages in thread
From: Damien Le Moal @ 2019-07-09 7:53 UTC (permalink / raw)
To: linux-block, Jens Axboe; +Cc: Christoph Hellwig, Matias Bjorling
For large values of the number of zones reported, the sector increment
calculated with "blk_queue_zone_sectors(q) * n" can overflow the
unsigned int type used. Fix this with a cast to sector_t type.
Fixes: e76239a3748c ("block: add a report_zones method")
Cc: stable@vger.kernel.org
Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
---
block/blk-zoned.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/blk-zoned.c b/block/blk-zoned.c
index 79ad269b545d..231b7e1b6d22 100644
--- a/block/blk-zoned.c
+++ b/block/blk-zoned.c
@@ -134,7 +134,7 @@ static int blk_report_zones(struct gendisk *disk, sector_t sector,
return ret;
if (!n)
break;
- sector += blk_queue_zone_sectors(q) * n;
+ sector += (sector_t)blk_queue_zone_sectors(q) * n;
z += n;
}
--
2.21.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] block: Fix potential overflow in blk_report_zones()
2019-07-09 7:53 [PATCH] block: Fix potential overflow in blk_report_zones() Damien Le Moal
@ 2019-07-09 13:37 ` Christoph Hellwig
2019-07-09 14:34 ` Damien Le Moal
0 siblings, 1 reply; 3+ messages in thread
From: Christoph Hellwig @ 2019-07-09 13:37 UTC (permalink / raw)
To: Damien Le Moal
Cc: linux-block, Jens Axboe, Christoph Hellwig, Matias Bjorling
On Tue, Jul 09, 2019 at 04:53:48PM +0900, Damien Le Moal wrote:
> For large values of the number of zones reported, the sector increment
> calculated with "blk_queue_zone_sectors(q) * n" can overflow the
> unsigned int type used. Fix this with a cast to sector_t type.
How about just returning a sector_t from blk_queue_zone_sectors, turning
this into an automatic implicit cast for all callers?
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] block: Fix potential overflow in blk_report_zones()
2019-07-09 13:37 ` Christoph Hellwig
@ 2019-07-09 14:34 ` Damien Le Moal
0 siblings, 0 replies; 3+ messages in thread
From: Damien Le Moal @ 2019-07-09 14:34 UTC (permalink / raw)
To: Christoph Hellwig
Cc: linux-block@vger.kernel.org, Jens Axboe, Matias Bjorling
On 2019/07/09 22:37, Christoph Hellwig wrote:
> On Tue, Jul 09, 2019 at 04:53:48PM +0900, Damien Le Moal wrote:
>> For large values of the number of zones reported, the sector increment
>> calculated with "blk_queue_zone_sectors(q) * n" can overflow the
>> unsigned int type used. Fix this with a cast to sector_t type.
>
> How about just returning a sector_t from blk_queue_zone_sectors, turning
> this into an automatic implicit cast for all callers?
>
That works too. Will send an update.
--
Damien Le Moal
Western Digital Research
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-07-09 14:34 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-09 7:53 [PATCH] block: Fix potential overflow in blk_report_zones() Damien Le Moal
2019-07-09 13:37 ` Christoph Hellwig
2019-07-09 14:34 ` Damien Le Moal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).