summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJaegeuk Kim <jaegeuk@kernel.org>2017-08-21 13:51:32 -0700
committerJaegeuk Kim <jaegeuk@kernel.org>2017-08-29 10:02:58 -0700
commitadb6dc197187e2a5f5a7bed01e722f46a58676af (patch)
tree942179811d50c40299106aa5d294270099bcde55
parent0adf6a1b796777f5d19a9b7442172016aeb8020a (diff)
downloadlinux-adb6dc197187e2a5f5a7bed01e722f46a58676af.tar.gz
linux-adb6dc197187e2a5f5a7bed01e722f46a58676af.tar.bz2
linux-adb6dc197187e2a5f5a7bed01e722f46a58676af.zip
f2fs: return error when accessing insane flie offset
If file offset is insane, we have to return error instead of kernel panic. Reported-by: Eric Zhang <followme999@163.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
-rw-r--r--fs/f2fs/node.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/fs/f2fs/node.c b/fs/f2fs/node.c
index 9168c304fd58..2654c9166fba 100644
--- a/fs/f2fs/node.c
+++ b/fs/f2fs/node.c
@@ -555,7 +555,7 @@ static int get_node_path(struct inode *inode, long block,
level = 3;
goto got;
} else {
- BUG();
+ return -E2BIG;
}
got:
return level;
@@ -579,6 +579,8 @@ int get_dnode_of_data(struct dnode_of_data *dn, pgoff_t index, int mode)
int err = 0;
level = get_node_path(dn->inode, index, offset, noffset);
+ if (level < 0)
+ return level;
nids[0] = dn->inode->i_ino;
npage[0] = dn->inode_page;
@@ -878,6 +880,8 @@ int truncate_inode_blocks(struct inode *inode, pgoff_t from)
trace_f2fs_truncate_inode_blocks_enter(inode, from);
level = get_node_path(inode, from, offset, noffset);
+ if (level < 0)
+ return level;
page = get_node_page(sbi, inode->i_ino);
if (IS_ERR(page)) {