projects / cascardo / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9ea7b2) | patch
fs/btrfs: Integer overflow in btrfs_ioctl_resize()
authorWenliang Fan <fanwlexca@gmail.com>
Fri, 20 Dec 2013 07:28:56 +0000 (15:28 +0800)
committerChris Mason <clm@fb.com>
Tue, 28 Jan 2014 21:20:11 +0000 (13:20 -0800)
commiteb8052e015f2c015926db45943f8ee724ace97e5
tree0bc0bbe9ac1804dd4a3e658f2a17efb59328ac6btree | snapshot
parentc9ea7b24ce5863d65efb1134319cede160674d41commit | diff
fs/btrfs: Integer overflow in btrfs_ioctl_resize()

The local variable 'new_size' comes from userspace. If a large number
was passed, there would be an integer overflow in the following line:
new_size = old_size + new_size;

Signed-off-by: Wenliang Fan <fanwlexca@gmail.com>
Signed-off-by: Josef Bacik <jbacik@fb.com>
Signed-off-by: Chris Mason <clm@fb.com>
fs/btrfs/ioctl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.