cifsd: prevent a integer overflow in wm_alloc()

Dan Carpenter pointed out that there there is a possibility of integer overflow. This patch prevent a integer overflow in wm_alloc(). Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com>

cifsd: prevent a integer overflow in wm_alloc()
Dan Carpenter pointed out that there there is a possibility of integer overflow. This patch prevent a integer overflow in wm_alloc(). Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com>
4030b278 · Namjae Jeon · Steve French · 9cca7516 · 4030b278
Commit 4030b278 authored Apr 04, 2021 by Namjae Jeon Committed by Steve French May 10, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

fs/cifsd/buffer_pool.c fs/cifsd/buffer_pool.c +3 -0

No files found.
--- a/fs/cifsd/buffer_pool.c
+++ b/fs/cifsd/buffer_pool.c
@@ -42,6 +42,9 @@ static struct wm *wm_alloc(size_t sz, gfp_t flags)
 	struct wm *wm;
 	size_t alloc_sz = sz + sizeof(struct wm);

+	if (sz > SIZE_MAX - sizeof(struct wm))
+		return NULL;
+
 	wm = kvmalloc(alloc_sz, flags);
 	if (!wm)
 		return NULL;