From: Tvrtko Ursulin <tursulin@ursulin.net>
To: linux-kernel@vger.kernel.org
Cc: tursulin@ursulin.net, tvrtko.ursulin@linux.intel.com,
Tvrtko Ursulin <tvrtko.ursulin@intel.com>,
Bart Van Assche <bart.vanassche@wdc.com>,
Hannes Reinecke <hare@suse.com>,
Johannes Thumshirn <jthumshirn@suse.de>,
Jens Axboe <axboe@kernel.dk>
Subject: [PATCH 6/6] lib/scatterlist: Fix overflow check in sgl_alloc_order
Date: Wed, 26 Sep 2018 15:16:25 +0100 [thread overview]
Message-ID: <20180926141625.17727-7-tvrtko.ursulin@linux.intel.com> (raw)
In-Reply-To: <20180926141625.17727-1-tvrtko.ursulin@linux.intel.com>
From: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
It is necessary to ensure types on both sides of the comparison are of the
same width. Otherwise the check overflows sooner than expect due left hand
side being an unsigned long length, and the right hand side unsigned int
number of elements multiplied by element size.
Signed-off-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: Bart Van Assche <bart.vanassche@wdc.com>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Cc: Jens Axboe <axboe@kernel.dk>
---
lib/scatterlist.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/scatterlist.c b/lib/scatterlist.c
index 581a2e91e515..c87243d46f10 100644
--- a/lib/scatterlist.c
+++ b/lib/scatterlist.c
@@ -485,7 +485,7 @@ struct scatterlist *sgl_alloc_order(unsigned long length, unsigned int order,
nent = round_up(length, PAGE_SIZE << order) >> (PAGE_SHIFT + order);
/* Check for integer overflow */
- if (length > (nent << (PAGE_SHIFT + order)))
+ if (length > ((unsigned long)nent << (PAGE_SHIFT + order)))
return NULL;
nalloc = nent;
if (chainable) {
--
2.17.1
next prev parent reply other threads:[~2018-09-26 14:16 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-26 14:16 [PATCH 0/6] lib/scatterlist: sgl API fixes and cleanups Tvrtko Ursulin
2018-09-26 14:16 ` [PATCH 1/6] lib/scatterlist: Use natural long for sgl_alloc(_order) length parameter Tvrtko Ursulin
2018-10-03 15:26 ` Bart Van Assche
2018-09-26 14:16 ` [PATCH 2/6] lib/scatterlist: Use consistent types in sgl API Tvrtko Ursulin
2018-10-03 15:28 ` Bart Van Assche
2018-09-26 14:16 ` [PATCH 3/6] lib/scatterlist: Skip requesting zeroed allocations in sgl_alloc_order Tvrtko Ursulin
2018-10-03 15:28 ` Bart Van Assche
2018-09-26 14:16 ` [PATCH 4/6] lib/scatterlist: Do not leak pages when high-order allocation fails Tvrtko Ursulin
2018-10-03 15:31 ` Bart Van Assche
2018-09-26 14:16 ` [PATCH 5/6] lib/scatterlist: Use appropriate type for elem_len in sgl_alloc_order Tvrtko Ursulin
2018-10-03 15:32 ` Bart Van Assche
2018-09-26 14:16 ` Tvrtko Ursulin [this message]
2018-10-03 15:34 ` [PATCH 6/6] lib/scatterlist: Fix overflow check " Bart Van Assche
2018-10-03 15:56 ` [PATCH 0/6] lib/scatterlist: sgl API fixes and cleanups Bart Van Assche
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180926141625.17727-7-tvrtko.ursulin@linux.intel.com \
--to=tursulin@ursulin.net \
--cc=axboe@kernel.dk \
--cc=bart.vanassche@wdc.com \
--cc=hare@suse.com \
--cc=jthumshirn@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=tvrtko.ursulin@intel.com \
--cc=tvrtko.ursulin@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox