[Devel] [PATCH RHEL7 COMMIT] ploop: fix int overflow when calculating used_pos
Konstantin Khorenko
khorenko at virtuozzo.com
Mon Oct 29 12:31:17 MSK 2018
The commit is pushed to "branch-rh7-3.10.0-862.14.4.vz7.72.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-862.14.4.vz7.72.14
------>
commit 8f1ecc2d7c40a95ad67bafc9c5361e3992e7e43f
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date: Mon Oct 29 12:31:15 2018 +0300
ploop: fix int overflow when calculating used_pos
If io->alloc_head is e.g. 0x11ff, then we get used_pos equal to:
crash> p (((int)0x11ff)-1)<<20
$3 = 534773760
instead of:
crash> p (((long long)0x11ff)-1)<<20
$5 = 4829741056
https://jira.sw.ru/browse/PSBM-89565
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Reviewed-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
drivers/block/ploop/io_direct.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/block/ploop/io_direct.c b/drivers/block/ploop/io_direct.c
index 56c3559b179e..de41234f907c 100644
--- a/drivers/block/ploop/io_direct.c
+++ b/drivers/block/ploop/io_direct.c
@@ -361,7 +361,7 @@ cached_submit(struct ploop_io *io, iblock_t iblk, struct ploop_request * preq,
pos = (loff_t)iblk << (plo->cluster_log + 9);
end_pos = pos + clu_siz;
- used_pos = (io->alloc_head - 1) << (io->plo->cluster_log + 9);
+ used_pos = (loff_t)(io->alloc_head - 1) << (io->plo->cluster_log + 9);
file_start_write(io->files.file);
More information about the Devel
mailing list