projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4d982e2) | patch
ext4: avoid arithemetic overflow that can trigger a BUG
authorTheodore Ts'o <tytso@mit.edu>
Sat, 1 Sep 2018 16:45:04 +0000 (12:45 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Sat, 1 Sep 2018 16:45:04 +0000 (12:45 -0400)
commitbcd8e91f98c156f4b1ebcfacae675f9cfd962441
treed6a8e8a1d4596f0c559efa1dc4d404d1260dc6a1tree | snapshot
parent4d982e25d0bdc83d8c64e66fdeca0b89240b3b85commit | diff
ext4: avoid arithemetic overflow that can trigger a BUG

A maliciously crafted file system can cause an overflow when the
results of a 64-bit calculation is stored into a 32-bit length
parameter.

https://bugzilla.kernel.org/show_bug.cgi?id=200623

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reported-by: Wen Xu <wen.xu@gatech.edu>
Cc: stable@vger.kernel.org
fs/ext4/ext4.h diff | blob | blame | history
fs/ext4/inode.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)