[PATCH] resize2fs: fix 32bit overflow during minimal size calculation for 64bit fs.

[PATCH] resize2fs: fix 32bit overflow during minimal size calculation for 64bit fs.

[Azat Khuzhin]

calculate_minimum_resize_size() multiplying two 32bit numbers, however the
result must be 64bit, but it will be truncated to 32bit, and because of this
data_blocks will be zero, and it will never leave loop:
blocks_per_group=32768 (u32)
extra_groups=131072 (u32)
data_blocks=4294967296 # overflow

And here is messages from log with resize2fs -f 255:
fs has 4007207 inodes, 1957 groups required.
fs requires 4374122900 data blocks.
With 1957 group(s), we have 63820826 blocks available.
Added 131540 extra group(s), blks_needed 4374122900, data_blocks·62023030, last_start 4356599580
Added 131595 extra group(s), blks_needed 4374122900, data_blocks·73483100, last_start 5781212288
Added 131246 extra group(s), blks_needed 4374122900, data_blocks·79184732, last_start 5781244926
Added 131072 extra group(s), blks_needed 4374122900, data_blocks·79184732, last_start 5781277564
Added 131072 extra group(s), blks_needed 4374122900, data_blocks·79184732, last_start 5781310202
...

Reported-by: Brad Campbell <lists2009@fnarfbargle.com>
Tested-by: Brad Campbell <lists2009@fnarfbargle.com>
Signed-off-by: Azat Khuzhin <a3at.mail@gmail.com>
---
 resize/resize2fs.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/resize/resize2fs.c b/resize/resize2fs.c
index 546b1d8..6777bfa 100644
--- a/resize/resize2fs.c
+++ b/resize/resize2fs.c
@@ -2479,7 +2479,8 @@ blk64_t calculate_minimum_resize_size(ext2_filsys fs, int flags)
 		extra_grps = ext2fs_div64_ceil(remainder,
 					       EXT2_BLOCKS_PER_GROUP(fs->super));
 
-		data_blocks += extra_grps * EXT2_BLOCKS_PER_GROUP(fs->super);
+		data_blocks += (unsigned long long)extra_grps *
+			EXT2_BLOCKS_PER_GROUP(fs->super);
 
 		/* ok we have to account for the last group */
 		overhead = calc_group_overhead(fs, groups-1, old_desc_blocks);
-- 
2.0.1

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] resize2fs: fix 32bit overflow during minimal size calculation for 64bit fs.

[Theodore Ts'o]

On Sat, Jul 26, 2014 at 11:19:27AM +0400, Azat Khuzhin wrote:
> calculate_minimum_resize_size() multiplying two 32bit numbers, however the
> result must be 64bit, but it will be truncated to 32bit, and because of this
> data_blocks will be zero, and it will never leave loop...

There is a much more general patch which solves a number of other
instances where this bug exists which I've already committed into my
tree:

https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=maint&id=1e33a8b408123a4e02a6b9135807f6fd61f3e235

Cheers,

					- Ted

Re: [PATCH] resize2fs: fix 32bit overflow during minimal size calculation for 64bit fs.

[Azat Khuzhin]

On Sat, Jul 26, 2014 at 05:53:41PM -0400, Theodore Ts'o wrote:
> On Sat, Jul 26, 2014 at 11:19:27AM +0400, Azat Khuzhin wrote:
> > calculate_minimum_resize_size() multiplying two 32bit numbers, however the
> > result must be 64bit, but it will be truncated to 32bit, and because of this
> > data_blocks will be zero, and it will never leave loop...
> 
> There is a much more general patch which solves a number of other
> instances where this bug exists which I've already committed into my
> tree:
> 
> https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=maint&id=1e33a8b408123a4e02a6b9135807f6fd61f3e235

Yeah, I didn't thought about fixing *all* places of this bug.
Thanks,
Azat.