diff options
author | Christoph Hellwig <hch@tuxera.com> | 2011-02-16 09:34:17 +0100 |
---|---|---|
committer | Christoph Hellwig <hch@lst.de> | 2011-06-30 13:40:58 +0200 |
commit | bf1a1b31fa3ea24e3a90821d69a5c3da066f7d6c (patch) | |
tree | 32a751e5c58854fbb5aff9797fe73f6122e0b3ed | |
parent | 2b4f9ca8a575ce6d7ddb59d668e2be250bf86a8f (diff) |
hfsplus: fix overflow in hfsplus_get_block
For filesystems larger than 2TB the final sector number passed to
map_bh might overflow the range representable in a 32-bit data type.
Make sure we use a sector_t for it and the arithmetics calculating it.
Signed-off-by: Christoph Hellwig <hch@tuxera.com>
-rw-r--r-- | fs/hfsplus/extents.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/fs/hfsplus/extents.c b/fs/hfsplus/extents.c index b1991a2a08e..b9c1a4b5ba8 100644 --- a/fs/hfsplus/extents.c +++ b/fs/hfsplus/extents.c @@ -209,6 +209,7 @@ int hfsplus_get_block(struct inode *inode, sector_t iblock, struct hfsplus_inode_info *hip = HFSPLUS_I(inode); int res = -EIO; u32 ablock, dblock, mask; + sector_t sector; int was_dirty = 0; int shift; @@ -255,10 +256,12 @@ int hfsplus_get_block(struct inode *inode, sector_t iblock, done: dprint(DBG_EXTENT, "get_block(%lu): %llu - %u\n", inode->i_ino, (long long)iblock, dblock); + mask = (1 << sbi->fs_shift) - 1; - map_bh(bh_result, sb, - (dblock << sbi->fs_shift) + sbi->blockoffset + - (iblock & mask)); + sector = ((sector_t)dblock << sbi->fs_shift) + + sbi->blockoffset + (iblock & mask); + map_bh(bh_result, sb, sector); + if (create) { set_buffer_new(bh_result); hip->phys_size += sb->s_blocksize; |