nilfs2: avoid overflowing segment numbers in nilfs_ioctl_clean_segments()
authorXi Wang <xi.wang@gmail.com>
Thu, 9 Feb 2012 01:13:37 +0000 (17:13 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Thu, 9 Feb 2012 03:03:51 +0000 (19:03 -0800)
commit1ecd3c7ea76488c63b4b0a2561fd7eaf96cc8028
tree3bc88fd0b4fd61c86141c66e86cf5492753bcd22
parent98e96852480566333f6dacd3223f0be15df34d60
nilfs2: avoid overflowing segment numbers in nilfs_ioctl_clean_segments()

nsegs is read from userspace.  Limit its value and avoid overflowing nsegs
* sizeof(__u64) in the subsequent call to memdup_user().

This patch complements 481fe17e973fb9 ("nilfs2: potential integer overflow
in nilfs_ioctl_clean_segments()").

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Cc: Haogang Chen <haogangchen@gmail.com>
Acked-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/nilfs2/ioctl.c