[Natty][SRU][PATCH 0/1] eCryptfs: Infinite loop due to overflow in ecryptfs_write()

Colin King colin.king at canonical.com
Mon Mar 5 14:07:38 UTC 2012

From: Colin Ian King <colin.king at canonical.com>

BugLink: http://bugs.launchpad.net/bugs/947143

SRU justification:


ecryptfs_write() can enter an infinite loop when truncating a file to a
size larger than 4G. This only happens on architectures where size_t is
represented by 32 bits.

This was caused by a size_t overflow due to it incorrectly being used to
store the result of a calculation which uses potentially large values of
type loff_t.


Upstream commit 684a3ff7e69acc7c678d1a1394fe9e757993fd34


Truncating a non-existent file to 5GB on a 32 bit system
will cause the truncate to get stuck in an infinite loop
once the lower file is greater than 1GB. Without the fix,
the following will get stuck:

truncate bigfile -s 5G

With, the fix, the file is truncated to 5GB as expected.

Li Wang (1):
  eCryptfs: Infinite loop due to overflow in ecryptfs_write()

 fs/ecryptfs/read_write.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)


More information about the kernel-team mailing list