Google Git
Sign in
kernel/pub/scm/linux/kernel/git/xiang/erofs-utils/refs/heads/dev^!/.
commit
4db4cefb1d24b14bb06edc762c372fb9eea533eb
[log]
author
Gao Xiang <hsiangkao@linux.alibaba.com>
Mon Jun 15 16:40:11 2026 +0800
committer
Gao Xiang <hsiangkao@linux.alibaba.com>
Tue Jun 16 13:58:19 2026 +0800
tree
5f9ba98a0bfbe90ce3a1f87539536c6cf269dfb3
parent
d74ceeff4a8de30c42b7023908b294d2e84a2997 [diff]
erofs-utils: fsck: fix potential overflow due to u64-to-u32 truncation

It seems possible but no reproducible way made into public.

Reported-by: Tristan <TristanInSec@gmail.com>
Closes: https://lore.kernel.org/r/CAA1XrhPMekMqAnRkC-jV9rTsO4LHjzh=kxn6zQKMgBrqfrnp8A@mail.gmail.com/2-u64-to-u32-truncation-overflow.txt
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Link: https://lore.kernel.org/r/20260615084011.325686-3-hsiangkao@linux.alibaba.com

diff --git a/fsck/main.c b/fsck/main.c
index 15f1e10..759ca7d 100644
--- a/fsck/main.c
+++ b/fsck/main.c

@@ -513,7 +513,7 @@
 	bool compressed;
 	erofs_off_t pos = 0;
 	u64 pchunk_len = 0;
-	unsigned int raw_size = 0, buffer_size = 0;
+	u64 raw_size = 0, buffer_size = 0;
 	char *raw = NULL, *buffer = NULL;
 
 	erofs_dbg("verify data chunk of nid(%llu): type(%d)",