[PATCH 3/5] uml: hostfs - fix possible PAGE_CACHE_SHIFT overflows
From: Paolo 'Blaisorblade' Giarrusso
Date: Thu Dec 29 2005 - 11:40:25 EST
From: Paolo 'Blaisorblade' Giarrusso <blaisorblade@xxxxxxxx>
Prevent page->index << PAGE_CACHE_SHIFT from overflowing.
There is a casting there, but was added without care, so it's at the wrong
place. Note the extra parens around the shift - "+" is higher precedence than
"<<", leading to a GCC warning which saved all us.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@xxxxxxxx>
---
fs/hostfs/hostfs_kern.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c
index 3aac164..b3ad0bd 100644
--- a/fs/hostfs/hostfs_kern.c
+++ b/fs/hostfs/hostfs_kern.c
@@ -501,11 +501,16 @@ int hostfs_commit_write(struct file *fil
long long start;
int err = 0;
- start = (long long) (page->index << PAGE_CACHE_SHIFT) + from;
+ start = (((long long) page->index) << PAGE_CACHE_SHIFT) + from;
buffer = kmap(page);
err = write_file(FILE_HOSTFS_I(file)->fd, &start, buffer + from,
to - from);
if(err > 0) err = 0;
+
+ /* Actually, if !err, write_file has added to-from to start, so, despite
+ * the appearance, we are comparing i_size against the _last_ written
+ * location, as we should. */
+
if(!err && (start > inode->i_size))
inode->i_size = start;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/