lseek - integer overflow

The issue was introduced in PR (https://github.com/lxc/lxc/pull/1705): Previous code: ``` if (lseek(fd, size, SEEK_SET) < 0) { SYSERROR("Error seeking to set new loop file size"); close(fd); return -1; } ``` New code: ``` int fd, ret; [...] ret = lseek(fd, size, SEEK_SET); if (ret < 0) { SYSERROR("Failed to seek to set new loop file size for loop " "file \"%s\"", path); close(fd); return -1; } ``` Based on http://man7.org/linux/man-pages/man2/lseek.2.html: > Upon successful completion, lseek() returns the resulting offset > location as measured in bytes from the beginning of the file. So in this case value of `size` and `size` is `uint64_t`. This fix change declaration of `ret`, but it can be fixed in other ways. Let me know what works for you. This PR fix issues (https://github.com/lxc/lxc/issues/1872). Signed-off-by: Lukasz Jagiello <lukasz@wikia-inc.com>

lseek - integer overflow
5b29b6a7 · Lukasz Jagiello · Christian Brauner · 56e193a6 · 5b29b6a7
Unverified Commit 5b29b6a7 authored Aug 18, 2018 by Lukasz Jagiello Committed by Christian Brauner Aug 19, 2018
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

loop.c src/lxc/storage/loop.c +3 -2

No files found.
--- a/src/lxc/storage/loop.c
+++ b/src/lxc/storage/loop.c
@@ -297,6 +297,7 @@ int loop_umount(struct lxc_storage *bdev)
 static int do_loop_create(const char *path, uint64_t size, const char *fstype)
 {
 	int fd, ret;
+	off_t ret_size;
 	char cmd_output[MAXPATHLEN];
 	const char *cmd_args[2] = {fstype, path};
@@ -307,8 +308,8 @@ static int do_loop_create(const char *path, uint64_t size, const char *fstype)
 		return -1;
 	}
-	ret = lseek(fd, size, SEEK_SET);
+	ret_size = lseek(fd, size, SEEK_SET);
-	if (ret < 0) {
+	if (ret_size < 0) {
 		SYSERROR("Failed to seek to set new loop file size for loop "
 			 "file \"%s\"", path);
 		close(fd);