From patchwork Wed Mar 9 23:11:15 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kamal Mostafa X-Patchwork-Id: 595371 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id 33FA81402A8; Thu, 10 Mar 2016 10:12:57 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1adnHi-0001vV-42; Wed, 09 Mar 2016 23:12:54 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1adnGC-00013o-29 for kernel-team@lists.ubuntu.com; Wed, 09 Mar 2016 23:11:20 +0000 Received: from 1.general.kamal.us.vpn ([10.172.68.52] helo=fourier) by youngberry.canonical.com with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1adnGB-0002IL-IT; Wed, 09 Mar 2016 23:11:19 +0000 Received: from kamal by fourier with local (Exim 4.86) (envelope-from ) id 1adnG8-00038l-Tk; Wed, 09 Mar 2016 15:11:16 -0800 From: Kamal Mostafa To: Insu Yun Subject: [3.13.y-ckt stable] Patch "ext4: fix potential integer overflow" has been added to the 3.13.y-ckt tree Date: Wed, 9 Mar 2016 15:11:15 -0800 Message-Id: <1457565075-12036-1-git-send-email-kamal@canonical.com> X-Mailer: git-send-email 2.7.0 X-Extended-Stable: 3.13 Cc: Kamal Mostafa , Theodore Ts'o , kernel-team@lists.ubuntu.com X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.14 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: kernel-team-bounces@lists.ubuntu.com This is a note to let you know that I have just added a patch titled ext4: fix potential integer overflow to the linux-3.13.y-queue branch of the 3.13.y-ckt extended stable tree which can be found at: http://kernel.ubuntu.com/git/ubuntu/linux.git/log/?h=linux-3.13.y-queue This patch is scheduled to be released in version 3.13.11-ckt36. If you, or anyone else, feels it should not be added to this tree, please reply to this email. For more information about the 3.13.y-ckt tree, see https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable Thanks. -Kamal ---8<------------------------------------------------------------ From 578355d0a2b13b6034b46c6fc35739fc2271c7de Mon Sep 17 00:00:00 2001 From: Insu Yun Date: Fri, 12 Feb 2016 01:15:59 -0500 Subject: ext4: fix potential integer overflow commit 46901760b46064964b41015d00c140c83aa05bcf upstream. Since sizeof(ext_new_group_data) > sizeof(ext_new_flex_group_data), integer overflow could be happened. Therefore, need to fix integer overflow sanitization. Signed-off-by: Insu Yun Signed-off-by: Theodore Ts'o Signed-off-by: Kamal Mostafa --- fs/ext4/resize.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.7.0 diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c index 831cb30..ae8ce49 100644 --- a/fs/ext4/resize.c +++ b/fs/ext4/resize.c @@ -186,7 +186,7 @@ static struct ext4_new_flex_group_data *alloc_flex_gd(unsigned long flexbg_size) if (flex_gd == NULL) goto out3; - if (flexbg_size >= UINT_MAX / sizeof(struct ext4_new_flex_group_data)) + if (flexbg_size >= UINT_MAX / sizeof(struct ext4_new_group_data)) goto out2; flex_gd->count = flexbg_size;