ext4: add inode table check in __ext4_get_inode_loc to aovid possible infinite loop

[platform/kernel/linux-rpi.git] / fs / ext4 / inode.c

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 26e8859..a381dc0 100644 (file)
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -4299,9 +4299,17 @@ static int __ext4_get_inode_loc(struct super_block *sb, unsigned long ino,
        inodes_per_block = EXT4_SB(sb)->s_inodes_per_block;
        inode_offset = ((ino - 1) %
                        EXT4_INODES_PER_GROUP(sb));
-       block = ext4_inode_table(sb, gdp) + (inode_offset / inodes_per_block);
        iloc->offset = (inode_offset % inodes_per_block) * EXT4_INODE_SIZE(sb);
 
+       block = ext4_inode_table(sb, gdp);
+       if ((block <= le32_to_cpu(EXT4_SB(sb)->s_es->s_first_data_block)) ||
+           (block >= ext4_blocks_count(EXT4_SB(sb)->s_es))) {
+               ext4_error(sb, "Invalid inode table block %llu in "
+                          "block_group %u", block, iloc->block_group);
+               return -EFSCORRUPTED;
+       }
+       block += (inode_offset / inodes_per_block);
+
        bh = sb_getblk(sb, block);
        if (unlikely(!bh))
                return -ENOMEM;