f2fs: check position in move range ioctl

When the move range ioctl is used, check the input and output position and
ensure that it is a non-negative value. Without this check
f2fs_get_dnode_of_data may hit a memmory bug.

Signed-off-by: Dan Robertson <dan@dlrobertson.com>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index a7e15be..0a958ee 100644 (file)
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -2768,6 +2768,9 @@ static int f2fs_move_file_range(struct file *file_in, loff_t pos_in,
        if (IS_ENCRYPTED(src) || IS_ENCRYPTED(dst))
                return -EOPNOTSUPP;
 
+       if (pos_out < 0 || pos_in < 0)
+               return -EINVAL;
+
        if (src == dst) {
                if (pos_in == pos_out)
                        return 0;