Commit 51e38c92 authored by Kees Cook's avatar Kees Cook Committed by Jan Kara
Browse files

udf: Use unsigned variables for size calculations



To avoid confusing the compiler about possible negative sizes, switch
various size variables that can never be negative from int to u32. Seen
with GCC 13:

../fs/udf/directory.c: In function 'udf_copy_fi':
../include/linux/fortify-string.h:57:33: warning: '__builtin_memcpy' pointer overflow between offset 80 and size [-2147483648, -1] [-Warray-bounds=]
   57 | #define __underlying_memcpy     __builtin_memcpy
      |                                 ^
...
../fs/udf/directory.c:102:9: note: in expansion of macro 'memcpy'
  102 |         memcpy(&iter->fi, iter->bh[0]->b_data + off, len);
      |         ^~~~~~

Cc: Jan Kara <jack@suse.com>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarJan Kara <jack@suse.cz>
Message-Id: <20230204183427.never.856-kees@kernel.org>
parent f8d0dd0b
Loading
Loading
Loading
Loading
+3 −2
Original line number Diff line number Diff line
@@ -71,8 +71,9 @@ static int udf_verify_fi(struct udf_fileident_iter *iter)
static int udf_copy_fi(struct udf_fileident_iter *iter)
{
	struct udf_inode_info *iinfo = UDF_I(iter->dir);
	int blksize = 1 << iter->dir->i_blkbits;
	int err, off, len, nameoff;
	u32 blksize = 1 << iter->dir->i_blkbits;
	u32 off, len, nameoff;
	int err;

	/* Skip copying when we are at EOF */
	if (iter->pos >= iter->dir->i_size) {