xfs_repair: fix infinite loop in longform_dir2_entry_check*
If someone corrupts the data fork of a directory to have a bmap record
whose br_startoff only has bits set in the upper 32 bits, the code will
suffer an integer overflow when assigning the 64-bit next_da_bno to the
32-bit da_bno. This leads to an infinite loop.
Found by fuzzing xfs/812 with u3.bmx[0].startoff = firstbit.
Signed-off-by: Darrick J. Wong <djwong@kernel.org> Reviewed-by: Christoph Hellwig <hch@lst.de>
projects / thirdparty / xfsprogs-dev.git / commit
