Re: [PATCH 6/6] lib/scatterlist: Fix overflow check in sgl_alloc_order

2018-10-03 Thread Bart Van Assche 
On Wed, 2018-09-26 at 15:16 +0100, Tvrtko Ursulin wrote:
> From: Tvrtko Ursulin 
> 
> It is necessary to ensure types on both sides of the comparison are of the
> same width. Otherwise the check overflows sooner than expect due left hand
> side being an unsigned long length, and the right hand side unsigned int
> number of elements multiplied by element size.

Reviewed-by: Bart Van Assche

Re: [PATCH 6/6] lib/scatterlist: Fix overflow check in sgl_alloc_order

2018-10-03 Thread Bart Van Assche 
On Wed, 2018-09-26 at 15:16 +0100, Tvrtko Ursulin wrote:
> From: Tvrtko Ursulin 
> 
> It is necessary to ensure types on both sides of the comparison are of the
> same width. Otherwise the check overflows sooner than expect due left hand
> side being an unsigned long length, and the right hand side unsigned int
> number of elements multiplied by element size.

Reviewed-by: Bart Van Assche

[PATCH 6/6] lib/scatterlist: Fix overflow check in sgl_alloc_order

2018-09-26 Thread Tvrtko Ursulin 
From: Tvrtko Ursulin 

It is necessary to ensure types on both sides of the comparison are of the
same width. Otherwise the check overflows sooner than expect due left hand
side being an unsigned long length, and the right hand side unsigned int
number of elements multiplied by element size.

Signed-off-by: Tvrtko Ursulin 
Cc: Bart Van Assche 
Cc: Hannes Reinecke 
Cc: Johannes Thumshirn 
Cc: Jens Axboe 
---
 lib/scatterlist.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/scatterlist.c b/lib/scatterlist.c
index 581a2e91e515..c87243d46f10 100644
--- a/lib/scatterlist.c
+++ b/lib/scatterlist.c
@@ -485,7 +485,7 @@ struct scatterlist *sgl_alloc_order(unsigned long length, 
unsigned int order,
 
nent = round_up(length, PAGE_SIZE << order) >> (PAGE_SHIFT + order);
/* Check for integer overflow */
-   if (length > (nent << (PAGE_SHIFT + order)))
+   if (length > ((unsigned long)nent << (PAGE_SHIFT + order)))
return NULL;
nalloc = nent;
if (chainable) {
-- 
2.17.1

[PATCH 6/6] lib/scatterlist: Fix overflow check in sgl_alloc_order

2018-09-26 Thread Tvrtko Ursulin 
From: Tvrtko Ursulin 

It is necessary to ensure types on both sides of the comparison are of the
same width. Otherwise the check overflows sooner than expect due left hand
side being an unsigned long length, and the right hand side unsigned int
number of elements multiplied by element size.

Signed-off-by: Tvrtko Ursulin 
Cc: Bart Van Assche 
Cc: Hannes Reinecke 
Cc: Johannes Thumshirn 
Cc: Jens Axboe 
---
 lib/scatterlist.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/scatterlist.c b/lib/scatterlist.c
index 581a2e91e515..c87243d46f10 100644
--- a/lib/scatterlist.c
+++ b/lib/scatterlist.c
@@ -485,7 +485,7 @@ struct scatterlist *sgl_alloc_order(unsigned long length, 
unsigned int order,
 
nent = round_up(length, PAGE_SIZE << order) >> (PAGE_SHIFT + order);
/* Check for integer overflow */
-   if (length > (nent << (PAGE_SHIFT + order)))
+   if (length > ((unsigned long)nent << (PAGE_SHIFT + order)))
return NULL;
nalloc = nent;
if (chainable) {
-- 
2.17.1