Commit 7bd70e79 authored by NeilBrown's avatar NeilBrown Committed by sanglipeng
Browse files

md: avoid signed overflow in slot_store() 

stable inclusion
from stable-v5.10.177
commit 74d6d33f3695070850cc15d3058d1315fb94d380
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I88YNP

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=74d6d33f3695070850cc15d3058d1315fb94d380



--------------------------------

[ Upstream commit 3bc57292 ]

slot_store() uses kstrtouint() to get a slot number, but stores the
result in an "int" variable (by casting a pointer).
This can result in a negative slot number if the unsigned int value is
very large.

A negative number means that the slot is empty, but setting a negative
slot number this way will not remove the device from the array.  I don't
think this is a serious problem, but it could cause confusion and it is
best to fix it.

Reported-by: default avatarDan Carpenter <error27@gmail.com>
Signed-off-by: default avatarNeilBrown <neilb@suse.de>
Signed-off-by: default avatarSong Liu <song@kernel.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
parent 26d3571e
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment