iomap: Fix possible overflow condition in iomap_write_delalloc_scan

[ Upstream commit eee2d2e6ea5550118170dbd5bb1316ceb38455fb ]

folio_next_index() returns an unsigned long value which left shifted
by PAGE_SHIFT could possibly cause an overflow on 32-bit system. Instead
use folio_pos(folio) + folio_size(folio), which does this correctly.

Suggested-by: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Ritesh Harjani (IBM) <ritesh.list@gmail.com>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Rajani Kantha <681739313@139.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/iomap/buffered-io.c b/fs/iomap/buffered-io.c
index 70e246f7e8fe8c9a007bf879b18150b47bbc14a6..e4f58d1e12d4897c7386b197e692d33825732929 100644 (file)
--- a/fs/iomap/buffered-io.c
+++ b/fs/iomap/buffered-io.c
@@ -903,7 +903,7 @@ static int iomap_write_delalloc_scan(struct inode *inode,
                         * the end of this data range, not the end of the folio.
                         */
                        *punch_start_byte = min_t(loff_t, end_byte,
-                                       folio_next_index(folio) << PAGE_SHIFT);
+                                       folio_pos(folio) + folio_size(folio));
                }
 
                /* move offset to start of next folio in range */