tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

erofs: fix offset truncation when shifting pgoff on 32-bit platforms

On 32-bit platforms, pgoff_t is 32 bits wide, so left-shifting
large arbitrary pgoff_t values by PAGE_SHIFT performs 32-bit arithmetic
and silently truncates the result for pages beyond the 4 GiB boundary.

Cast the page index to loff_t before shifting to produce a correct
64-bit byte offset.

Fixes: 386292919c25 ("erofs: introduce readmore decompression strategy")
Fixes: 307210c262a2 ("erofs: verify metadata accesses for file-backed mounts")
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>

Gao Xiang c99493ce d18a3b5d

+2 -2
+1 -1
fs/erofs/data.c
··· 39 39 * However, the data access range must be verified here in advance. 40 40 */ 41 41 if (buf->file) { 42 - fpos = index << PAGE_SHIFT; 42 + fpos = (loff_t)index << PAGE_SHIFT; 43 43 err = rw_verify_area(READ, buf->file, &fpos, PAGE_SIZE); 44 44 if (err < 0) 45 45 return ERR_PTR(err);
+1 -1
fs/erofs/zdata.c
··· 1872 1872 1873 1873 if (cur < PAGE_SIZE) 1874 1874 break; 1875 - cur = (index << PAGE_SHIFT) - 1; 1875 + cur = ((loff_t)index << PAGE_SHIFT) - 1; 1876 1876 } 1877 1877 } 1878 1878