Unverified Commit 5ad414f4 authored by Dan Carpenter's avatar Dan Carpenter Committed by Konstantin Komarov
Browse files

fs/ntfs3: Fix a couple integer overflows on 32bit systems 



On 32bit systems the "off + sizeof(struct NTFS_DE)" addition can
have an integer wrapping issue.  Fix it by using size_add().

Fixes: 82cae269 ("fs/ntfs3: Add initialization of super block")
Signed-off-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: default avatarKonstantin Komarov <almaz.alexandrovich@paragon-software.com>
parent b432163e

fs/ntfs3/index.c

+2 −2
Original line number Diff line number Diff line
@@ -618,7 +618,7 @@ static bool index_hdr_check(const struct INDEX_HDR *hdr, u32 bytes) 
	u32 off = le32_to_cpu(hdr->de_off);



	if (!IS_ALIGNED(off, 8) || tot > bytes || end > tot ||

	    off + sizeof(struct NTFS_DE) > end) {

	    size_add(off, sizeof(struct NTFS_DE)) > end) {

		/* incorrect index buffer. */

		return false;

	}
@@ -736,7 +736,7 @@ static struct NTFS_DE *hdr_find_e(const struct ntfs_index *indx, 
	if (end > total)

		return NULL;



	if (off + sizeof(struct NTFS_DE) > end)

	if (size_add(off, sizeof(struct NTFS_DE)) > end)

		return NULL;



	e = Add2Ptr(hdr, off);