Unverified Commit d4e8e135 authored Aug 25, 2021 by Kari Argillander Committed by Konstantin Komarov Sep 02, 2021

fs/ntfs3: Fix integer overflow in ni_fiemap with fiemap_prep()



Use fiemap_prep() to check valid flags. It also shrink request scope
(@len) to what the fs can actually handle.

This address following Smatch static checker warning:
	fs/ntfs3/frecord.c:1894 ni_fiemap()
	warn: potential integer overflow from user 'vbo + len'

Because fiemap_prep() shrinks @len this cannot happened anymore.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: lore.kernel.org/ntfs3/20210825080440.GA17407@kili/

Fixes: 4342306f ("fs/ntfs3: Add file operations and implementation")
Signed-off-by: Kari Argillander <kari.argillander@gmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>

parent d3624466

fs/ntfs3/file.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -1212,8 +1212,9 @@ int ntfs_fiemap(struct inode inode, struct fiemap_extent_info fieinfo,
		int err;
		struct ntfs_inode *ni = ntfs_i(inode);

		if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR)
		return -EOPNOTSUPP;
		err = fiemap_prep(inode, fieinfo, start, &len, ~FIEMAP_FLAG_XATTR);
		if (err)
		return err;

		ni_lock(ni);