btrfs: use common eb range validation in read_extent_buffer_to_user_nofault()

The extent buffer access is checked in other helpers by
check_eb_range(), which validates the requested start, length against
the extent buffer. While this almost never fails we should still handle
it as an error and not just warn.

Reviewed-by: Boris Burkov <boris@bur.io>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c
index 211a0aa03afbbe1845dc4e799774b290bbb92ae1..9d7ca80477fda440324cb7854b6bb641000e7210 100644 (file)
--- a/fs/btrfs/extent_io.c
+++ b/fs/btrfs/extent_io.c
@@ -4061,8 +4061,8 @@ int read_extent_buffer_to_user_nofault(const struct extent_buffer *eb,
        unsigned long i;
        int ret = 0;
 
-       WARN_ON(start > eb->len);
-       WARN_ON(start + len > eb->start + eb->len);
+       if (check_eb_range(eb, start, len))
+               return -EINVAL;
 
        if (eb->addr) {
                if (copy_to_user_nofault(dstv, eb->addr + start, len))