bcachefs: fix overflow in fiemap

filefrag (and potentially other utilities that call fiemap) sometimes
pass ULONG_MAX as the length.  fiemap_prep clamps excessively large
lengths - but the calculation of end can overflow if it occurs before
calling fiemap_prep.  When this happens, filefrag assumes it has read to
the end and exits.

Signed-off-by: Reed Riley <reed@riley.engineer>
Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>

diff --git a/fs/bcachefs/fs.c b/fs/bcachefs/fs.c
index fce690007edfce089f054d81cc862c04c132c2b3..6f114803c6f23951189872cedf0f41144fa81b07 100644 (file)
--- a/fs/bcachefs/fs.c
+++ b/fs/bcachefs/fs.c
@@ -964,7 +964,6 @@ static int bch2_fiemap(struct inode *vinode, struct fiemap_extent_info *info,
        struct btree_iter iter;
        struct bkey_s_c k;
        struct bkey_buf cur, prev;
-       struct bpos end = POS(ei->v.i_ino, (start + len) >> 9);
        unsigned offset_into_extent, sectors;
        bool have_extent = false;
        u32 snapshot;
@@ -974,6 +973,7 @@ static int bch2_fiemap(struct inode *vinode, struct fiemap_extent_info *info,
        if (ret)
                return ret;
 
+       struct bpos end = POS(ei->v.i_ino, (start + len) >> 9);
        if (start + len < start)
                return -EINVAL;