[PATCH 2/4] fs: btrfs: volumes: prevent overflow for multiplying

Tom Rini trini at konsulko.com
Wed Jan 20 22:46:38 CET 2021


On Sat, Oct 31, 2020 at 09:07:50AM +0800, Qu Wenruo wrote:

> In __btrfs_map_block() we do a int * int and assign it to u64.
> This is not safe as the result (int * int) is still evaluated as (int)
> thus it can overflow.
> 
> Convert one of the multiplier to u64 to prevent such problem.
> 
> In real world, this should not cause problem as we have device number
> limit thus it won't go beyond 4G for a single stripe.
> 
> But it's harder to teach coverity about all these hidden limits, so just
> fix the possible overflow.
> 
> Reported-by: Coverity CID 312957
> Reported-by: Coverity CID 312948
> Signed-off-by: Qu Wenruo <wqu at suse.com>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20210120/b7766dfc/attachment-0001.sig>


More information about the U-Boot mailing list