From fc514b2a6565e125f38c712c4fe60a9881d64c69 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen@redhat.com>
Date: Wed, 7 Jul 2021 13:32:08 +0200
Subject: [PATCH] UBUNTU: SAUCE: seq_file: Disallow extremely large seq buffer
 allocations

There is no reasonable need for a buffer larger than this,
and it avoids int overflow pitfalls.

Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>

CVE-2021-33909
Fixes: 058504edd026 ("fs/seq_file: fallback to vmalloc allocation")
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Acked-by: Juerg Haefliger <juergh@canonical.com>
Acked-by: Benjamin M Romer <benjamin.romer@canonical.com>
---
 fs/seq_file.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/seq_file.c b/fs/seq_file.c
index 5059248f2d648..d6aacbac793ad 100644
--- a/fs/seq_file.c
+++ b/fs/seq_file.c
@@ -32,6 +32,9 @@ static void seq_set_overflow(struct seq_file *m)
 
 static void *seq_buf_alloc(unsigned long size)
 {
+	if (unlikely(size > MAX_RW_COUNT))
+		return NULL;
+
 	return kvmalloc(size, GFP_KERNEL_ACCOUNT);
 }