Message ID | 9d4b1148babc3d6e43bd5beea807729940da2404.1741047738.git.alison.schofield@intel.com (mailing list archive) |
---|---|
State | Superseded |
Series | Address Coverity Scan Defects |
On 3/3/25 5:37 PM, alison.schofield@intel.com wrote:
> From: Alison Schofield <alison.schofield@intel.com>
>
> A coverity scan highlighted an integer overflow issue when testing
> if the size and align parameters make sense together.
>
> Before performing the multiplication, check that the result will not
> exceed the maximum value that an unsigned long long can hold.
>
> Signed-off-by: Alison Schofield <alison.schofield@intel.com>

Reviewed-by: Dave Jiang <dave.jiang@intel.com>

nit below

> --- > ndctl/namespace.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/ndctl/namespace.c b/ndctl/namespace.c > index aa8c23a50385..bb0c2f2e28c7 100644 > --- a/ndctl/namespace.c > +++ b/ndctl/namespace.c > @@ -865,9 +865,15 @@ static int validate_namespace_options(struct ndctl_region *region, > * option > */ > size_align = max(units, size_align) * ways; > - stray edit? > p->size /= size_align; > p->size++; > + > + if (p->size > ULLONG_MAX / size_align) { > + err("size overflow: %llu * %llu exceeds ULLONG_MAX\n", > + p->size, size_align); > + return -EINVAL; > + } > + > p->size *= size_align; > p->size /= units; > err("'--size=' must align to interleave-width: %d and alignment: %ld\n"
diff --git a/ndctl/namespace.c b/ndctl/namespace.c index aa8c23a50385..bb0c2f2e28c7 100644 --- a/ndctl/namespace.c +++ b/ndctl/namespace.c @@ -865,9 +865,15 @@ static int validate_namespace_options(struct ndctl_region *region, * option */ size_align = max(units, size_align) * ways; - p->size /= size_align; p->size++; + + if (p->size > ULLONG_MAX / size_align) { + err("size overflow: %llu * %llu exceeds ULLONG_MAX\n", + p->size, size_align); + return -EINVAL; + } + p->size *= size_align; p->size /= units; err("'--size=' must align to interleave-width: %d and alignment: %ld\n"
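Review bot: The new guard protects only `p->size *= size_align`, while the context line `size_align = max(units, size_align) * ways;` directly above it is also an unchecked multiplication. If that product wraps, the guard compares against the wrong divisor, and a result of zero would reach both `p->size /= size_align` and the new `ULLONG_MAX / size_align` as a division by zero. Consider validating the `max(units, size_align) * ways` product (and that it is non-zero) before the first division, so both multiplications are covered by the same fix. Separately, the diffstat shows no added `#include`, so it is worth confirming that `ULLONG_MAX` is already visible in this file through `<limits.h>` rather than by an incidental transitive include.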