[Samba] vfs fruit disk_free fails on tmsize overflow with macOS Time Machine
Jeremy Allison
jra at samba.org
Mon Feb 24 20:34:01 UTC 2020
On Mon, Feb 24, 2020 at 08:11:34PM +0000, Arthur M. Gallagher wrote:
> On Mon, Feb 24, 2020 at 7:32PM +0000, Jeremy Allison via samba wrote:
>
> > Having said that, your fix looks like it's
> > removing a bunch of overflow safety checks,
> > so I'm not sure it's the right one.
>
> >> - if (bandsize > SIZE_MAX/nbands) {
> >> - DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n",
> >> <snip>
> >> - if (state->total_size + tm_size < state->total_size) {
> >> - DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n",
> >> <snip>
> >> + tm_size = (off_t)bandsize * (off_t)nbands;
>
> The problem was that the overflow failsafes were tripping, so this simply increased the precision by forced typing in the arithmetic – that should obviate the need for the overflow checks in the first place. However if you'd rather I can ensure it scales up to check for bigger overflows instead
Yes please. We need to keep the overflow checks,
as this is on user-supplied data I believe.
More information about the samba-technical
mailing list