linux_dsm_epyc7002/fs/xfs
Zhitong Wang fda168c245 xfs: Fix integer overflow in fs/xfs/linux-2.6/xfs_ioctl*.c
The am_hreq.opcount field in the xfs_attrmulti_by_handle() interface
is not bounded correctly. The opcount is used to determine the size
of the buffer required. The size is bounded, but can overflow and so
the size checks may not be sufficient to catch invalid opcounts.
Fix it by catching opcount values that would cause overflows before
calculating the size.

Signed-off-by: Zhitong Wang <zhitong.wangzt@alibaba-inc.com>
Reviewed-by: Dave Chinner <david@fromorbit.com>
2010-05-19 09:58:07 -05:00
..
linux-2.6 xfs: Fix integer overflow in fs/xfs/linux-2.6/xfs_ioctl*.c 2010-05-19 09:58:07 -05:00
quota xfs: add a shrinker to background inode reclaim 2010-04-29 16:22:13 -05:00
support xfs: event tracing support 2009-12-14 23:08:16 -06:00
Kconfig xfs: use generic Posix ACL code 2009-06-10 17:07:47 +02:00
Makefile xfs: merge xfs_lrw.c into xfs_file.c 2010-03-01 16:34:18 -06:00
xfs_acl.h xfs: convert attr to use unsigned names 2010-01-20 10:47:48 +11:00
xfs_ag.h xfs: add a shrinker to background inode reclaim 2010-04-29 16:22:13 -05:00
xfs_alloc_btree.c xfs: Don't directly reference m_perag in allocation code 2010-01-15 15:33:12 -06:00
xfs_alloc_btree.h [XFS] Always use struct xfs_btree_block instead of short / longform 2008-10-30 17:14:34 +11:00
xfs_alloc.c xfs: cleanup up xfs_log_force calling conventions 2010-01-21 13:44:49 -06:00
xfs_alloc.h xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_arch.h xfs: use generic Posix ACL code 2009-06-10 17:07:47 +02:00
xfs_attr_leaf.c xfs: remove duplicate buffer flags 2010-01-21 13:44:36 -06:00
xfs_attr_leaf.h [XFS] Remove macro-to-function indirections in attr code 2009-01-09 15:46:44 +11:00
xfs_attr_sf.h xfs: convert attr to use unsigned names 2010-01-20 10:47:48 +11:00
xfs_attr.c xfs: remove duplicate buffer flags 2010-01-21 13:44:36 -06:00
xfs_attr.h xfs: convert attr to use unsigned names 2010-01-20 10:47:48 +11:00
xfs_bit.c [XFS] Use the generic bitops rather than implementing them ourselves. 2008-08-13 15:41:12 +10:00
xfs_bit.h [XFS] Remove macro-to-function indirections in the mask code 2009-01-09 15:53:54 +11:00
xfs_bmap_btree.c xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_bmap_btree.h xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_bmap.c xfs: split xfs_bmap_btalloc 2010-03-01 16:35:25 -06:00
xfs_bmap.h xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_btree_trace.c [XFS] make btree tracing generic 2008-10-30 16:58:50 +11:00
xfs_btree_trace.h xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_btree.c xfs: remove duplicate buffer flags 2010-01-21 13:44:36 -06:00
xfs_btree.h xfs: add more statics & drop some unused functions 2009-08-31 14:46:20 -05:00
xfs_buf_item.c xfs: Don't issue buffer IO direct from AIL push V2 2010-02-02 10:13:42 +11:00
xfs_buf_item.h xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_da_btree.c xfs: convert dirnameops to unsigned char names 2010-01-20 10:47:17 +11:00
xfs_da_btree.h xfs: convert dirnameops to unsigned char names 2010-01-20 10:47:17 +11:00
xfs_dfrag.c xfs: more swap extent fixes for dynamic fork offsets 2010-04-26 12:38:51 -05:00
xfs_dfrag.h xfs: clean up inconsistent variable naming in xfs_swap_extent 2010-01-15 15:31:23 -06:00
xfs_dinode.h xfs: remove m_litino 2009-03-29 09:51:14 +02:00
xfs_dir2_block.c xfs: clean up sign warnings in dir2 code 2010-01-20 10:48:05 +11:00
xfs_dir2_block.h
xfs_dir2_data.c [XFS] Name operation vector for hash and compare 2008-07-28 16:58:36 +10:00
xfs_dir2_data.h xfs: fix various typos 2009-03-29 09:55:42 +02:00
xfs_dir2_leaf.c xfs: clean up sign warnings in dir2 code 2010-01-20 10:48:05 +11:00
xfs_dir2_leaf.h
xfs_dir2_node.c xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_dir2_node.h xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_dir2_sf.c xfs: clean up sign warnings in dir2 code 2010-01-20 10:48:05 +11:00
xfs_dir2_sf.h [XFS] kill xfs_dinode_core_t 2008-12-01 11:37:35 +11:00
xfs_dir2.c xfs: clean up sign warnings in dir2 code 2010-01-20 10:48:05 +11:00
xfs_dir2.h xfs: make xfs_dir_cilookup_result use unsigned char 2010-01-20 10:47:25 +11:00
xfs_dmapi.h removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
xfs_dmops.c [XFS] kill struct xfs_mount_args 2008-10-30 17:53:24 +11:00
xfs_error.c [XFS] avoid memory allocations in xfs_fs_vcmn_err 2008-12-22 18:02:01 +11:00
xfs_error.h [XFS] avoid memory allocations in xfs_fs_vcmn_err 2008-12-22 18:02:01 +11:00
xfs_extfree_item.c xfs: kill XLOG_VEC_SET_TYPE 2010-01-21 13:44:43 -06:00
xfs_extfree_item.h [XFS] remove always-true #ifndef HAVE_FORMAT32 tests 2009-01-22 14:07:31 +11:00
xfs_filestream.c xfs: Kill filestreams cache flush 2010-01-15 15:34:22 -06:00
xfs_filestream.h xfs: Kill filestreams cache flush 2010-01-15 15:34:22 -06:00
xfs_fs.h xfs: return inode fork offset in bulkstat for fsr 2010-03-05 11:02:07 -06:00
xfs_fsops.c xfs: Replace per-ag array with a radix tree 2010-01-15 15:33:52 -06:00
xfs_fsops.h filesystem freeze: add error handling of write_super_lockfs/unlockfs 2009-01-09 16:54:42 -08:00
xfs_ialloc_btree.c xfs: fix various typos 2009-03-29 09:55:42 +02:00
xfs_ialloc_btree.h xfs: remove superflous inobt macros 2009-02-09 08:37:14 +01:00
xfs_ialloc.c xfs: remove duplicate buffer flags 2010-01-21 13:44:36 -06:00
xfs_ialloc.h xfs: rationalize xfs_inobt_lookup* 2009-09-01 12:45:39 -05:00
xfs_iget.c xfs: fix locking for inode cache radix tree tag updates 2010-03-01 19:14:36 -06:00
xfs_inode_item.c xfs: remove xfs_ipin/xfs_iunpin 2010-03-01 16:35:56 -06:00
xfs_inode_item.h xfs: Don't issue buffer IO direct from AIL push V2 2010-02-02 10:13:42 +11:00
xfs_inode.c xfs: remove xfs_ipin/xfs_iunpin 2010-03-01 16:35:56 -06:00
xfs_inode.h xfs: remove xfs_ipin/xfs_iunpin 2010-03-01 16:35:56 -06:00
xfs_inum.h xfs: remove XFS_INO64_OFFSET 2009-08-31 14:46:22 -05:00
xfs_iomap.c xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_iomap.h xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_itable.c xfs: return inode fork offset in bulkstat for fsr 2010-03-05 11:02:07 -06:00
xfs_itable.h xfs: add more statics & drop some unused functions 2009-08-31 14:46:20 -05:00
xfs_log_priv.h xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_log_recover.c xfs: cleanup up xfs_log_force calling conventions 2010-01-21 13:44:49 -06:00
xfs_log_recover.h xfs: Use list_heads for log recovery item lists 2010-01-15 15:31:51 -06:00
xfs_log.c xfs: ensure that sync updates the log tail correctly 2010-04-16 13:51:23 -05:00
xfs_log.h xfs: stop passing opaque handles to xfs_log.c routines 2010-03-01 16:35:32 -06:00
xfs_mount.c xfs: Increase the default size of the reserved blocks pool 2010-03-05 11:01:59 -06:00
xfs_mount.h xfs: add a shrinker to background inode reclaim 2010-04-29 16:22:13 -05:00
xfs_mru_cache.c xfs: Kill filestreams cache flush 2010-01-15 15:34:22 -06:00
xfs_mru_cache.h xfs: Kill filestreams cache flush 2010-01-15 15:34:22 -06:00
xfs_quota.h xfs: kill the unused XFS_QMOPT_* flush flags V2 2010-02-04 09:48:58 +11:00
xfs_refcache.h
xfs_rename.c xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_rtalloc.c xfs: fix missing error check in xfs_rtfree_range 2010-01-15 13:46:19 -06:00
xfs_rtalloc.h xfs: fix various typos 2009-03-29 09:55:42 +02:00
xfs_rw.c xfs: only clear the suid bit once in xfs_write 2010-02-12 13:43:57 -06:00
xfs_rw.h xfs: only clear the suid bit once in xfs_write 2010-02-12 13:43:57 -06:00
xfs_sb.h [XFS] Remove the rest of the macro-to-function indirections. 2009-01-19 14:45:55 +11:00
xfs_trans_ail.c xfs: Don't issue buffer IO direct from AIL push V2 2010-02-02 10:13:42 +11:00
xfs_trans_buf.c xfs: factor common xfs_trans_bjoin code 2010-03-01 16:35:37 -06:00
xfs_trans_extfree.c
xfs_trans_inode.c xfs: simplify xfs_trans_iget 2009-09-01 12:46:16 -05:00
xfs_trans_item.c xfs: fix various typos 2009-03-29 09:55:42 +02:00
xfs_trans_priv.h [XFS] Finish removing the mount pointer from the AIL API 2008-10-30 17:39:58 +11:00
xfs_trans_space.h xfs: remove superflous inobt macros 2009-02-09 08:37:14 +01:00
xfs_trans.c xfs: stop passing opaque handles to xfs_log.c routines 2010-03-01 16:35:32 -06:00
xfs_trans.h xfs: stop passing opaque handles to xfs_log.c routines 2010-03-01 16:35:32 -06:00
xfs_types.h xfs: directory names are unsigned 2010-01-20 10:44:58 +11:00
xfs_utils.c xfs: kill xfs_qmops 2009-06-08 15:33:32 +02:00
xfs_utils.h [XFS] implement IHOLD/IRELE directly 2008-08-13 16:13:45 +10:00
xfs_vnodeops.c xfs: remove wrapper for the fsync file operation 2010-03-01 16:34:38 -06:00
xfs_vnodeops.h xfs: kill xfs_lrw.h 2010-03-01 16:35:44 -06:00
xfs.h xfs: event tracing support 2009-12-14 23:08:16 -06:00