From patchwork Fri May 17 20:16:19 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jim Rees X-Patchwork-Id: 2584371 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork2.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork2.kernel.org (Postfix) with ESMTP id CDA6BDF215 for ; Fri, 17 May 2013 20:16:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754692Ab3EQUQY (ORCPT ); Fri, 17 May 2013 16:16:24 -0400 Received: from mout.perfora.net ([74.208.4.194]:54557 "EHLO mout.perfora.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754333Ab3EQUQY (ORCPT ); Fri, 17 May 2013 16:16:24 -0400 Received: from rees.org (c-68-32-80-121.hsd1.mi.comcast.net [68.32.80.121]) by mrelay.perfora.net (node=mrus3) with ESMTP (Nemesis) id 0MPlc2-1UYTG20KeI-004hOT; Fri, 17 May 2013 16:16:22 -0400 From: Jim Rees To: Bruce Fields Cc: linux-nfs@vger.kernel.org Subject: [PATCH] nfsd: avoid undefined signed overflow Date: Fri, 17 May 2013 16:16:19 -0400 Message-Id: <1368821779-9046-1-git-send-email-rees@umich.edu> X-Mailer: git-send-email 1.8.2.3 X-Provags-ID: V02:K0:FWaHhAEjQB2mWDvE3mf/B7Qr/fNCDneEn+s4pE9iD+b xLfQvw/pp6OrkwU7GEZ+OCGU+3cAXJOULz4t3E90pRjHtaBpdx Rcat4wO514vbgBC9CTMDZeuwAIhin5/u2sUv02LETEHuowczZi FHmmnRnTI3HTfjRxy5+oXXhnyrdNv0NWah5Z7ppnFDABu88gxs S5wN+55cp0hFboDqQRS0ZsSzjIocEO3a+ksNBJJ8mY3nYw7F2B +PqPCyEmAkafxBLlEkwDP4Z0sOJeT2/vvWWJkWOQEyczXwhFhH kofVgRy/MkujFMA7Jm1hNmrHZxwjVog15+Wt01PaaHARxp5f1x ZJXCjTRAp4LXBTqIuqMuEEo5JCgziMca7NBfDGyPu Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org In C, signed integer overflow results in undefined behavior, but unsigned overflow wraps around. So do the subtraction first, then cast to signed. Signed-off-by: Jim Rees --- fs/nfsd/nfs4state.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index 316ec84..9850329 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -3427,7 +3427,7 @@ grace_disallows_io(struct net *net, struct inode *inode) /* Returns true iff a is later than b: */ static bool stateid_generation_after(stateid_t *a, stateid_t *b) { - return (s32)a->si_generation - (s32)b->si_generation > 0; + return (s32)(a->si_generation - b->si_generation) > 0; } static __be32 check_stateid_generation(stateid_t *in, stateid_t *ref, bool has_session)