Commit 1f0d5c91 authored by Chao Yu's avatar Chao Yu Committed by Jaegeuk Kim

f2fs: fix potential overflow

We expect 64-bit calculation result from below statement, however
in 32-bit machine, looped left shift operation on pgoff_t type
variable may cause overflow issue, fix it by forcing type cast.

page->index << PAGE_SHIFT;

Fixes: 26de9b11 ("f2fs: avoid unnecessary updating inode during fsync")
Fixes: 0a2aa8fb ("f2fs: refactor __exchange_data_block for speed up")
Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
parent 2a60637f
...@@ -2203,7 +2203,7 @@ static int __write_data_page(struct page *page, bool *submitted, ...@@ -2203,7 +2203,7 @@ static int __write_data_page(struct page *page, bool *submitted,
loff_t i_size = i_size_read(inode); loff_t i_size = i_size_read(inode);
const pgoff_t end_index = ((unsigned long long) i_size) const pgoff_t end_index = ((unsigned long long) i_size)
>> PAGE_SHIFT; >> PAGE_SHIFT;
loff_t psize = (page->index + 1) << PAGE_SHIFT; loff_t psize = (loff_t)(page->index + 1) << PAGE_SHIFT;
unsigned offset = 0; unsigned offset = 0;
bool need_balance_fs = false; bool need_balance_fs = false;
int err = 0; int err = 0;
......
...@@ -1139,7 +1139,7 @@ static int __clone_blkaddrs(struct inode *src_inode, struct inode *dst_inode, ...@@ -1139,7 +1139,7 @@ static int __clone_blkaddrs(struct inode *src_inode, struct inode *dst_inode,
} }
dn.ofs_in_node++; dn.ofs_in_node++;
i++; i++;
new_size = (dst + i) << PAGE_SHIFT; new_size = (loff_t)(dst + i) << PAGE_SHIFT;
if (dst_inode->i_size < new_size) if (dst_inode->i_size < new_size)
f2fs_i_size_write(dst_inode, new_size); f2fs_i_size_write(dst_inode, new_size);
} while (--ilen && (do_replace[i] || blkaddr[i] == NULL_ADDR)); } while (--ilen && (do_replace[i] || blkaddr[i] == NULL_ADDR));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment