From: Nathaniel Clark Date: Thu, 4 Jul 2019 15:34:05 +0000 (-0400) Subject: LU-9862 lov: Correct bounds checking X-Git-Tag: 2.12.56~3 X-Git-Url: https://git.whamcloud.com/?a=commitdiff_plain;h=refs%2Fchanges%2F84%2F28484%2F16;p=fs%2Flustre-release.git LU-9862 lov: Correct bounds checking While Dan Carpenter ran his smatch tool against the lustre code base he encountered the following static checker warning: lustre/lov/lov_ea.c:207 lsm_unpackmd_common() warn: signed overflow undefined. 'min_stripe_maxbytes * stripe_count < min_stripe_maxbytes' The current code doesn't properly handle the potential overflow with the min_stripe_maxbytes * stripe_count. This fixes the overflow detection for maxbytes in lsme_unpack(). Change-Id: I34646df3d59cadcb42a4defb58e16cb840acc99 Fixes: 3ddcf5b4a138 ("LU-7890 lov: Ensure correct operation for large object sizes") Reported-by: Dan Carpenter Signed-off-by: Nathaniel Clark Reviewed-on: https://review.whamcloud.com/28484 Tested-by: jenkins Reviewed-by: Patrick Farrell Reviewed-by: Petros Koutoupis Tested-by: Maloo Reviewed-by: Oleg Drokin --- diff --git a/lustre/lov/lov_ea.c b/lustre/lov/lov_ea.c index 54f7936..55c5b80 100644 --- a/lustre/lov/lov_ea.c +++ b/lustre/lov/lov_ea.c @@ -269,15 +269,16 @@ lsme_unpack(struct lov_obd *lov, struct lov_mds_md *lmm, size_t buf_size, if (min_stripe_maxbytes == 0) min_stripe_maxbytes = LUSTRE_EXT3_STRIPE_MAXBYTES; - lov_bytes = min_stripe_maxbytes * stripe_count; + if (stripe_count == 0) + lov_bytes = min_stripe_maxbytes; + else if (min_stripe_maxbytes <= LLONG_MAX / stripe_count) + lov_bytes = min_stripe_maxbytes * stripe_count; + else + lov_bytes = MAX_LFS_FILESIZE; out_dom: - if (maxbytes) { - if (lov_bytes < min_stripe_maxbytes) /* handle overflow */ - *maxbytes = MAX_LFS_FILESIZE; - else - *maxbytes = lov_bytes; - } + if (maxbytes) + *maxbytes = min_t(loff_t, lov_bytes, MAX_LFS_FILESIZE); return lsme;