projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 41be0c3)
ovl: fix lseek overflow on 32bit
authorMiklos Szeredi <mszeredi@redhat.com>
Mon, 3 Feb 2020 10:41:53 +0000 (11:41 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 11 Feb 2020 12:33:50 +0000 (04:33 -0800)
[ Upstream commit a4ac9d45c0cd14a2adc872186431c79804b77dbf ]

ovl_lseek() is using ssize_t to return the value from vfs_llseek().  On a
32-bit kernel ssize_t is a 32-bit signed int, which overflows above 2 GB.

Assign the return value of vfs_llseek() to loff_t to fix this.

Reported-by: Boris Gjenero <boris.gjenero@gmail.com>
Fixes: 9e46b840c705 ("ovl: support stacked SEEK_HOLE/SEEK_DATA")
Cc: <stable@vger.kernel.org> # v4.19
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
fs/overlayfs/file.c patch | blob | history

diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index 0bd276e..fa5ac5d 100644 (file)
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -149,7 +149,7 @@ static loff_t ovl_llseek(struct file *file, loff_t offset, int whence)
        struct inode *inode = file_inode(file);
        struct fd real;
        const struct cred *old_cred;
-       ssize_t ret;
+       loff_t ret;
 
        /*
         * The two special cases below do not need to involve real fs,
Domain: System / Kernel;