[PATCH] udf: Use unsigned variables for size calculations
From: Kees Cook
Date: Sat Feb 04 2023 - 13:34:36 EST
To avoid confusing the compiler about possible negative sizes, switch
various size variables that can never be negative from int to u32. Seen
with GCC 13:
../fs/udf/directory.c: In function 'udf_copy_fi':
../include/linux/fortify-string.h:57:33: warning: '__builtin_memcpy' pointer overflow between offset 80 and size [-2147483648, -1] [-Warray-bounds=]
57 | #define __underlying_memcpy __builtin_memcpy
| ^
...
../fs/udf/directory.c:102:9: note: in expansion of macro 'memcpy'
102 | memcpy(&iter->fi, iter->bh[0]->b_data + off, len);
| ^~~~~~
Cc: Jan Kara <jack@xxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
fs/udf/directory.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/udf/directory.c b/fs/udf/directory.c
index 2e13c4b5fb81..e0bb73d414dd 100644
--- a/fs/udf/directory.c
+++ b/fs/udf/directory.c
@@ -71,8 +71,9 @@ static int udf_verify_fi(struct udf_fileident_iter *iter)
static int udf_copy_fi(struct udf_fileident_iter *iter)
{
struct udf_inode_info *iinfo = UDF_I(iter->dir);
- int blksize = 1 << iter->dir->i_blkbits;
- int err, off, len, nameoff;
+ u32 blksize = 1 << iter->dir->i_blkbits;
+ u32 off, len, nameoff;
+ int err;
/* Skip copying when we are at EOF */
if (iter->pos >= iter->dir->i_size) {
--
2.34.1