e4defrag: fix segfault when e4defrag races with unlink/truncate

If a file gets deleted or truncated while e4defrag is trying to
operate on it, it's possible for it seg fault.

Addresses-Red-Hat-Bugzilla: #641926

Reported-by: Michal Piotrowski <mkkp4x4@gmail.com>
Signed-off-by: Kazuya Mio <k-mio@sx.jp.nec.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>

diff --git a/misc/e4defrag.c b/misc/e4defrag.c
index e795987c187ac473e1c36633b86d07251cae2fb2..9008bc27f4dc4ff324b3b6351a2d746b03e68084 100644 (file)
--- a/misc/e4defrag.c
+++ b/misc/e4defrag.c
@@ -942,7 +942,7 @@ static int get_file_extents(int fd, struct fiemap_extent_list **ext_list_head)
                fiemap_buf->fm_start = pos;
                memset(ext_buf, 0, ext_buf_size);
                ret = ioctl(fd, FS_IOC_FIEMAP, fiemap_buf);
-               if (ret < 0)
+               if (ret < 0 || fiemap_buf->fm_mapped_extents == 0)
                        goto out;
                for (i = 0; i < fiemap_buf->fm_mapped_extents; i++) {
                        ext_list = NULL;