f2fs: return error when accessing insane flie offset

If file offset is insane, we have to return error instead of kernel panic.

Reported-by: Eric Zhang <followme999@163.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

diff --git a/fs/f2fs/node.c b/fs/f2fs/node.c
index 9168c30..2654c91 100644 (file)
--- a/fs/f2fs/node.c
+++ b/fs/f2fs/node.c
@@ -555,7 +555,7 @@ static int get_node_path(struct inode *inode, long block,
                level = 3;
                goto got;
        } else {
-               BUG();
+               return -E2BIG;
        }
 got:
        return level;
@@ -579,6 +579,8 @@ int get_dnode_of_data(struct dnode_of_data *dn, pgoff_t index, int mode)
        int err = 0;
 
        level = get_node_path(dn->inode, index, offset, noffset);
+       if (level < 0)
+               return level;
 
        nids[0] = dn->inode->i_ino;
        npage[0] = dn->inode_page;
@@ -878,6 +880,8 @@ int truncate_inode_blocks(struct inode *inode, pgoff_t from)
        trace_f2fs_truncate_inode_blocks_enter(inode, from);
 
        level = get_node_path(inode, from, offset, noffset);
+       if (level < 0)
+               return level;
 
        page = get_node_page(sbi, inode->i_ino);
        if (IS_ERR(page)) {