From: Theodore Ts'o Date: Tue, 9 Aug 2022 15:16:47 +0000 (-0400) Subject: libext2fs: fix potential integer overflow in bitmap accessors X-Git-Tag: v1.46.6-rc1~38 X-Git-Url: https://git.whamcloud.com/?a=commitdiff_plain;h=27504bcf89193d47d7632cde922a65e0c051be01;p=tools%2Fe2fsprogs.git libext2fs: fix potential integer overflow in bitmap accessors bmap->cluster_bits has a maximum value of 19, but Coverity doesn't know that. To make it happy, and just in case there is a bug where somehow the cluster size does get set to an invalid value and the rest of the library doesn't check it, use 1ULL instead of 1 to avoid the integer overflow. Addresses-Coverity-Bug: 1500759 Addresses-Coverity-Bug: 1500764 Addresses-Coverity-Bug: 1500771 Signed-off-by: Theodore Ts'o --- diff --git a/lib/ext2fs/gen_bitmap64.c b/lib/ext2fs/gen_bitmap64.c index d980908..c860c10 100644 --- a/lib/ext2fs/gen_bitmap64.c +++ b/lib/ext2fs/gen_bitmap64.c @@ -684,7 +684,7 @@ int ext2fs_test_block_bitmap_range2(ext2fs_block_bitmap gen_bmap, /* convert to clusters if necessary */ block >>= bmap->cluster_bits; - end += (1 << bmap->cluster_bits) - 1; + end += (1ULL << bmap->cluster_bits) - 1; end >>= bmap->cluster_bits; num = end - block; @@ -725,7 +725,7 @@ void ext2fs_mark_block_bitmap_range2(ext2fs_block_bitmap gen_bmap, /* convert to clusters if necessary */ block >>= bmap->cluster_bits; - end += (1 << bmap->cluster_bits) - 1; + end += (1ULL << bmap->cluster_bits) - 1; end >>= bmap->cluster_bits; num = end - block; @@ -766,7 +766,7 @@ void ext2fs_unmark_block_bitmap_range2(ext2fs_block_bitmap gen_bmap, /* convert to clusters if necessary */ block >>= bmap->cluster_bits; - end += (1 << bmap->cluster_bits) - 1; + end += (1ULL << bmap->cluster_bits) - 1; end >>= bmap->cluster_bits; num = end - block;