struct btrfs_fs_info *fs_info = leaf->fs_info;
struct btrfs_free_space_info *fsi;
const u32 blocksize = fs_info->sectorsize;
+ u64 end;
u32 flags;
if (unlikely(!IS_ALIGNED(key->objectid, blocksize))) {
blocksize, BTRFS_KEY_FMT_VALUE(key));
return -EUCLEAN;
}
+ if (unlikely(check_add_overflow(key->objectid, key->offset, &end))) {
+ generic_err(leaf, slot,
+ "free space info key overflows, has " BTRFS_KEY_FMT,
+ BTRFS_KEY_FMT_VALUE(key));
+ return -EUCLEAN;
+ }
if (unlikely(btrfs_item_size(leaf, slot) !=
sizeof(struct btrfs_free_space_info))) {
generic_err(leaf, slot,
struct btrfs_fs_info *fs_info = leaf->fs_info;
const u32 blocksize = fs_info->sectorsize;
const char *type_str = (key->type == BTRFS_FREE_SPACE_EXTENT_KEY) ? "extent" : "bitmap";
+ u64 end;
if (unlikely(!IS_ALIGNED(key->objectid, blocksize))) {
generic_err(leaf, slot,
generic_err(leaf, slot, "free space %s length is 0", type_str);
return -EUCLEAN;
}
+ if (unlikely(check_add_overflow(key->objectid, key->offset, &end))) {
+ generic_err(leaf, slot,
+ "free space %s end overflow, have objectid %llu offset %llu",
+ type_str, key->objectid, key->offset);
+ return -EUCLEAN;
+ }
return 0;
}
projects / thirdparty / linux.git / commitdiff
