From 1941d7bcb474aa38caca16e6d3416e623d37d800 Mon Sep 17 00:00:00 2001
From: Sheng Yong <shengyong1@huawei.com>
Date: Wed, 8 Mar 2017 10:47:12 +0800
Subject: [PATCH] f2fs: check range before defragment

This patch checks the parameter range passed by ioctl to void that range
exceeds the max_file_blocks limit.

Signed-off-by: Sheng Yong <shengyong1@huawei.com>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
 fs/f2fs/file.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 427ab1b41de3..300d62015c24 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -2054,6 +2054,12 @@ static int f2fs_ioc_defragment(struct file *filp, unsigned long arg)
 		goto out;
 	}
 
+	if (unlikely((range.start + range.len) >> PAGE_SHIFT >
+					sbi->max_file_blocks)) {
+		err = -EINVAL;
+		goto out;
+	}
+
 	err = f2fs_defragment_range(sbi, filp, &range);
 	f2fs_update_time(sbi, REQ_TIME);
 	if (err < 0)
-- 
2.39.5