From d825351f02cbc1529e779d43d1942c5313855595 Mon Sep 17 00:00:00 2001
From: LI Qing
Date: Fri, 17 Jan 2020 09:55:38 +0000
Subject: [PATCH] Fix potential overflow or underflow of offset in INodeFile's seek
---
 src/libos/src/fs/inode_file.rs | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/libos/src/fs/inode_file.rs b/src/libos/src/fs/inode_file.rs
index d47fb3a9..f7087b92 100644
--- a/src/libos/src/fs/inode_file.rs
+++ b/src/libos/src/fs/inode_file.rs
@@ -96,11 +96,19 @@ impl File for INodeFile {
 fn seek(&self, pos: SeekFrom) -> Result {
 let mut offset = self.offset.lock().unwrap();
- *offset = match pos {
- SeekFrom::Start(off) => off as usize,
- SeekFrom::End(off) => (self.inode.metadata()?.size as i64 + off) as usize,
- SeekFrom::Current(off) => (*offset as i64 + off) as usize,
+ let new_offset = match pos {
+ SeekFrom::Start(off) => off as i64,
+ SeekFrom::End(off) => (self.inode.metadata()?.size as i64)
+ .checked_add(off)
+ .ok_or_else(|| errno!(EOVERFLOW, "file offset overflow"))?,
+ SeekFrom::Current(off) => (*offset as i64)
+ .checked_add(off)
+ .ok_or_else(|| errno!(EOVERFLOW, "file offset overflow"))?,
 };
+ if new_offset < 0 {
+ return_errno!(EINVAL, "file offset is negative");
+ }
+ *offset = new_offset as usize;
 Ok(*offset as i64)
 }
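Review bot: The `SeekFrom::Start(off) => off as i64` arm still relies on a wrapping cast: a `u64` above `i64::MAX` turns negative and is rejected only by the later `new_offset < 0` check, so it reports EINVAL "file offset is negative" rather than taking the overflow path the other two arms use. Make the range check explicit, e.g. `SeekFrom::Start(off) => i64::try_from(off).map_err(|_| errno!(EOVERFLOW, "file offset overflow"))?,` (this needs `TryFrom` in scope, which the hunk does not show). If the wrap is intentional, say so in a comment such as `// off > i64::MAX wraps negative and is rejected below`. The operands `self.inode.metadata()?.size as i64` and `*offset as i64` are likewise cast before `checked_add` sees them, so an out-of-range value (presumably `usize`) would wrap silently; a one-line comment stating the assumed bound on file size would document why that is acceptable.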