From 31ff883c7b0cb4ffbea2cffeb853ea4acc9688d6 Mon Sep 17 00:00:00 2001 From: Nathaniel Clark Date: Thu, 4 Jul 2019 11:34:05 -0400 Subject: [PATCH] LU-9862 lov: Correct bounds checking While Dan Carpenter ran his smatch tool against the lustre code base he encountered the following static checker warning: lustre/lov/lov_ea.c:207 lsm_unpackmd_common() warn: signed overflow undefined. 'min_stripe_maxbytes * stripe_count < min_stripe_maxbytes' The current code doesn't properly handle the potential overflow with the min_stripe_maxbytes * stripe_count. This fixes the overflow detection for maxbytes in lsme_unpack(). Change-Id: I34646df3d59cadcb42a4defb58e16cb840acc99 Fixes: 3ddcf5b4a138 ("LU-7890 lov: Ensure correct operation for large object sizes") Reported-by: Dan Carpenter Signed-off-by: Nathaniel Clark Reviewed-on: https://review.whamcloud.com/28484 Tested-by: jenkins Reviewed-by: Patrick Farrell Reviewed-by: Petros Koutoupis Tested-by: Maloo Reviewed-by: Oleg Drokin --- lustre/lov/lov_ea.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/lustre/lov/lov_ea.c b/lustre/lov/lov_ea.c index 54f7936..55c5b80 100644 --- a/lustre/lov/lov_ea.c +++ b/lustre/lov/lov_ea.c @@ -269,15 +269,16 @@ lsme_unpack(struct lov_obd *lov, struct lov_mds_md *lmm, size_t buf_size, if (min_stripe_maxbytes == 0) min_stripe_maxbytes = LUSTRE_EXT3_STRIPE_MAXBYTES; - lov_bytes = min_stripe_maxbytes * stripe_count; + if (stripe_count == 0) + lov_bytes = min_stripe_maxbytes; + else if (min_stripe_maxbytes <= LLONG_MAX / stripe_count) + lov_bytes = min_stripe_maxbytes * stripe_count; + else + lov_bytes = MAX_LFS_FILESIZE; out_dom: - if (maxbytes) { - if (lov_bytes < min_stripe_maxbytes) /* handle overflow */ - *maxbytes = MAX_LFS_FILESIZE; - else - *maxbytes = lov_bytes; - } + if (maxbytes) + *maxbytes = min_t(loff_t, lov_bytes, MAX_LFS_FILESIZE); return lsme; -- 1.8.3.1