Re: [PATCH] fs/befs/linuxvfs.c: need signed cast for variable 'block'

[Al Viro]

On Thu, Oct 31, 2013 at 09:53:59AM -0700, Kees Cook wrote:

> If block (type sector_t) is unsigned, we shouldn't cast it signed.
> This entire code path should be removed. What is BEFS's expected
> maximum block size? (Looks like even befs_blocknr_t is u64, so nothing
> seems trivially in danger of wrapping.) I would also note that all the
> format strings are wrong too (%ld instead of %lu).

FWIW, this
        res = befs_fblock2brun(sb, ds, block, &run);
        if (res != BEFS_OK) {
                befs_error(sb,
                           "<--- befs_get_block() for inode %lu, block "
                           "%ld ERROR", inode->i_ino, block);
                return -EFBIG;
        }
also looks wrong - ioctl(..., FIBMAP, ...) shouldn't be able to spew
printks on a valid fs and hitting it with block number greater than
file length will, AFAICS, trigger that.

I agree that this code needs fixing, but just making gcc STFU about the
comparison would only serve to hide the problem.  Anybody familiar with
befs or willing to learn it?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/