head, tail, ring_size are declared as unsigned int, so all local
variables that operate with these fields have to be unsigned to avoid
signed integer overflow.
Right now, it isn't an issue because the maximum pipe size is limited by
1U<<31.
Cc: Dmitry Safonov <[email protected]>
Suggested-by: Dmitry Safonov <[email protected]>
Signed-off-by: Andrei Vagin <[email protected]>
---
fs/pipe.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/pipe.c b/fs/pipe.c
index 45565773ec33..b4ccafffa350 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -605,7 +605,7 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from)
static long pipe_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
{
struct pipe_inode_info *pipe = filp->private_data;
- int count, head, tail, mask;
+ unsigned int count, head, tail, mask;
switch (cmd) {
case FIONREAD:
@@ -827,7 +827,7 @@ struct pipe_inode_info *alloc_pipe_info(void)
void free_pipe_info(struct pipe_inode_info *pipe)
{
- int i;
+ unsigned int i;
#ifdef CONFIG_WATCH_QUEUE
if (pipe->watch_queue) {
--
2.33.1
On Thu, Jan 06, 2022 at 09:19:46AM -0800, Andrei Vagin wrote:
> head, tail, ring_size are declared as unsigned int, so all local
> variables that operate with these fields have to be unsigned to avoid
> signed integer overflow.
>
> Right now, it isn't an issue because the maximum pipe size is limited by
> 1U<<31.
>
> Cc: Dmitry Safonov <[email protected]>
> Suggested-by: Dmitry Safonov <[email protected]>
> Signed-off-by: Andrei Vagin <[email protected]>
> ---
Looks good,
Acked-by: Christian Brauner <[email protected]>