Skip to content

Commit

Permalink
btrfs: send: silence an integer overflow warning
Browse files Browse the repository at this point in the history
The "sizeof(*arg->clone_sources) * arg->clone_sources_count" expression
can overflow.  It causes several static checker warnings.  It's all
under CAP_SYS_ADMIN so it's not that serious but lets silence the
warnings.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
  • Loading branch information
Dan Carpenter authored and David Sterba committed May 6, 2016
1 parent 41b34ac commit f5ecec3
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions fs/btrfs/send.c
Original file line number Diff line number Diff line change
Expand Up @@ -5978,6 +5978,12 @@ long btrfs_ioctl_send(struct file *mnt_file, void __user *arg_)
goto out;
}

if (arg->clone_sources_count >
ULLONG_MAX / sizeof(*arg->clone_sources)) {
ret = -EINVAL;
goto out;
}

if (!access_ok(VERIFY_READ, arg->clone_sources,
sizeof(*arg->clone_sources) *
arg->clone_sources_count)) {
Expand Down

0 comments on commit f5ecec3

Please sign in to comment.