Re: [syzbot] WARNING in iomap_iter
From: Siddh Raman Pant
Date: Sun Aug 21 2022 - 07:49:03 EST
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
---
drivers/block/loop.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index e3c0ba93c1a3..a3d9af0a2077 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -979,9 +979,15 @@ loop_set_status_from_info(struct loop_device *lo,
lo->lo_offset = info->lo_offset;
lo->lo_sizelimit = info->lo_sizelimit;
+ lo->lo_flags = info->lo_flags;
+
+ /* loff_t/int vars are assigned __u64/__u32 vars (respectively) */
+ if (lo->lo_offset < 0 || lo->lo_sizelimit < 0 || lo->lo_flags < 0)
+ return -EOVERFLOW;
+
memcpy(lo->lo_file_name, info->lo_file_name, LO_NAME_SIZE);
lo->lo_file_name[LO_NAME_SIZE-1] = 0;
- lo->lo_flags = info->lo_flags;
+
return 0;
}
--
2.35.1