Revision - d6e621d - squashfs: fix divide error in calculate_skip()

Revision d6e621de1fceb3b098ebf435ef7ea91ec4838a1a authored by Phillip Lougher on 15 May 2021, 00:27:16 UTC, committed by Linus Torvalds on 15 May 2021, 02:41:32 UTC

squashfs: fix divide error in calculate_skip()

Sysbot has reported a "divide error" which has been identified as being
caused by a corrupted file_size value within the file inode.  This value
has been corrupted to a much larger value than expected.

Calculate_skip() is passed i_size_read(inode) >> msblk->block_log.  Due to
the file_size value corruption this overflows the int argument/variable in
that function, leading to the divide error.

This patch changes the function to use u64.  This will accommodate any
unexpectedly large values due to corruption.

The value returned from calculate_skip() is clamped to be never more than
SQUASHFS_CACHED_BLKS - 1, or 7.  So file_size corruption does not lead to
an unexpectedly large return result here.

Link: https://lkml.kernel.org/r/20210507152618.9447-1-phillip@squashfs.org.uk
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
Reported-by: <syzbot+e8f781243ce16ac2f962@syzkaller.appspotmail.com>
Reported-by: <syzbot+7b98870d4fec9447b951@syzkaller.appspotmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 parent eb1f065

Files
Changes

Permalinks

File	Mode	Size
atomic
basic
clang-tools
coccinelle
dtc
dummy-tools
gcc-plugins
gdb
genksyms
kconfig
ksymoops
mod
package
selinux
tracing
.gitignore	-rw-r--r--	160 bytes
Kbuild.include	-rw-r--r--	9.0 KB
Kconfig.include	-rw-r--r--	2.6 KB
Lindent	-rwxr-xr-x	502 bytes
Makefile	-rw-r--r--	1.6 KB
Makefile.asm-generic	-rw-r--r--	1.8 KB
Makefile.build	-rw-r--r--	18.2 KB
Makefile.clean	-rw-r--r--	2.2 KB
Makefile.compiler	-rw-r--r--	2.7 KB
Makefile.dtbinst	-rw-r--r--	999 bytes
Makefile.extrawarn	-rw-r--r--	2.8 KB
Makefile.gcc-plugins	-rw-r--r--	2.5 KB
Makefile.headersinst	-rw-r--r--	2.9 KB
Makefile.host	-rw-r--r--	4.6 KB
Makefile.kasan	-rw-r--r--	1.6 KB
Makefile.kcov	-rw-r--r--	333 bytes
Makefile.kcsan	-rw-r--r--	739 bytes
Makefile.lib	-rw-r--r--	18.3 KB
Makefile.modfinal	-rw-r--r--	3.2 KB
Makefile.modinst	-rw-r--r--	2.4 KB
Makefile.modpost	-rw-r--r--	4.9 KB
Makefile.package	-rw-r--r--	6.6 KB
Makefile.ubsan	-rw-r--r--	837 bytes
Makefile.userprogs	-rw-r--r--	1.6 KB
adjust_autoksyms.sh	-rwxr-xr-x	2.1 KB
as-version.sh	-rwxr-xr-x	2.0 KB
asn1_compiler.c	-rw-r--r--	35.3 KB
bin2c.c	-rw-r--r--	743 bytes
bloat-o-meter	-rwxr-xr-x	3.4 KB
bootgraph.pl	-rwxr-xr-x	5.6 KB
bpf_doc.py	-rwxr-xr-x	24.9 KB
cc-can-link.sh	-rwxr-xr-x	166 bytes
cc-version.sh	-rwxr-xr-x	1.5 KB
check-sysctl-docs	-rwxr-xr-x	4.4 KB
check_extable.sh	-rwxr-xr-x	4.9 KB
checkdeclares.pl	-rw-r--r--	1.1 KB
checkincludes.pl	-rwxr-xr-x	1.9 KB
checkkconfigsymbols.py	-rwxr-xr-x	15.5 KB
checkpatch.pl	-rwxr-xr-x	222.4 KB
checkstack.pl	-rwxr-xr-x	5.9 KB
checksyscalls.sh	-rwxr-xr-x	7.3 KB
checkversion.pl	-rwxr-xr-x	1.9 KB
cleanfile	-rwxr-xr-x	3.5 KB
cleanpatch	-rwxr-xr-x	5.1 KB
coccicheck	-rwxr-xr-x	7.9 KB
config	-rwxr-xr-x	4.7 KB
const_structs.checkpatch	-rw-r--r--	1009 bytes
decode_stacktrace.sh	-rwxr-xr-x	5.2 KB
decodecode	-rwxr-xr-x	2.9 KB
depmod.sh	-rwxr-xr-x	1.4 KB
dev-needs.sh	-rwxr-xr-x	6.1 KB
diffconfig	-rwxr-xr-x	3.7 KB
documentation-file-ref-check	-rwxr-xr-x	5.6 KB
export_report.pl	-rwxr-xr-x	4.5 KB
extract-cert.c	-rw-r--r--	3.5 KB
extract-ikconfig	-rwxr-xr-x	1.7 KB
extract-module-sig.pl	-rwxr-xr-x	3.7 KB
extract-sys-certs.pl	-rwxr-xr-x	3.7 KB
extract-vmlinux	-rwxr-xr-x	1.7 KB
extract_xc3028.pl	-rwxr-xr-x	44.6 KB
faddr2line	-rwxr-xr-x	6.2 KB
file-size.sh	-rwxr-xr-x	86 bytes
find-unused-docs.sh	-rwxr-xr-x	1.3 KB
gcc-goto.sh	-rwxr-xr-x	511 bytes
gcc-ld	-rwxr-xr-x	711 bytes
gcc-x86_32-has-stack-protector.sh	-rwxr-xr-x	408 bytes
gcc-x86_64-has-stack-protector.sh	-rwxr-xr-x	198 bytes
gen_autoksyms.sh	-rwxr-xr-x	2.0 KB
gen_ksymdeps.sh	-rwxr-xr-x	399 bytes
generate_initcall_order.pl	-rwxr-xr-x	5.9 KB
get_abi.pl	-rwxr-xr-x	15.1 KB
get_dvb_firmware	-rwxr-xr-x	24.5 KB
get_feat.pl	-rwxr-xr-x	14.3 KB
get_maintainer.pl	-rwxr-xr-x	67.1 KB
gfp-translate	-rwxr-xr-x	1.7 KB
headerdep.pl	-rwxr-xr-x	3.5 KB
headers_check.pl	-rwxr-xr-x	3.7 KB
headers_install.sh	-rwxr-xr-x	3.4 KB
insert-sys-cert.c	-rw-r--r--	8.9 KB
jobserver-exec	-rwxr-xr-x	2.2 KB
kallsyms.c	-rw-r--r--	18.1 KB
kernel-doc	-rwxr-xr-x	69.0 KB
ld-version.sh	-rwxr-xr-x	1.7 KB
leaking_addresses.pl	-rwxr-xr-x	12.8 KB
link-vmlinux.sh	-rwxr-xr-x	11.1 KB
makelst	-rwxr-xr-x	808 bytes
markup_oops.pl	-rwxr-xr-x	7.9 KB
min-tool-version.sh	-rwxr-xr-x	631 bytes
mkcompile_h	-rwxr-xr-x	2.3 KB
mkmakefile	-rwxr-xr-x	426 bytes
mksysmap	-rwxr-xr-x	1.3 KB
mkuboot.sh	-rwxr-xr-x	414 bytes
module.lds.S	-rw-r--r--	1.5 KB
modules-check.sh	-rwxr-xr-x	427 bytes
nsdeps	-rw-r--r--	1.7 KB
objdiff	-rwxr-xr-x	2.8 KB
parse-maintainers.pl	-rwxr-xr-x	4.5 KB
patch-kernel	-rwxr-xr-x	9.9 KB
profile2linkerlist.pl	-rwxr-xr-x	414 bytes
prune-kernel	-rwxr-xr-x	708 bytes
recordmcount.c	-rw-r--r--	16.7 KB
recordmcount.h	-rw-r--r--	19.3 KB
recordmcount.pl	-rwxr-xr-x	18.7 KB
remove-stale-files	-rwxr-xr-x	1.3 KB
setlocalversion	-rwxr-xr-x	4.7 KB
show_delta	-rwxr-xr-x	3.0 KB
sign-file.c	-rw-r--r--	9.8 KB
sorttable.c	-rw-r--r--	8.7 KB
sorttable.h	-rw-r--r--	9.7 KB
spdxcheck-test.sh	-rw-r--r--	323 bytes
spdxcheck.py	-rwxr-xr-x	10.1 KB
spelling.txt	-rw-r--r--	31.6 KB
sphinx-pre-install	-rwxr-xr-x	21.7 KB
split-man.pl	-rwxr-xr-x	604 bytes
stackdelta	-rwxr-xr-x	1.8 KB
stackusage	-rwxr-xr-x	794 bytes
subarch.include	-rw-r--r--	641 bytes
syscallhdr.sh	-rwxr-xr-x	1.9 KB
syscalltbl.sh	-rwxr-xr-x	1.3 KB
tags.sh	-rwxr-xr-x	9.6 KB
tools-support-relr.sh	-rwxr-xr-x	518 bytes
unifdef.c	-rw-r--r--	34.8 KB
ver_linux	-rwxr-xr-x	2.6 KB
xen-hypercalls.sh	-rw-r--r--	386 bytes
xz_wrap.sh	-rwxr-xr-x	563 bytes

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...