From c2574aaa5d98684519f0dfa64abe6896aeb124c6 Mon Sep 17 00:00:00 2001 From: OGAWA Hirofumi Date: Thu, 14 Jun 2018 15:27:21 -0700 Subject: [PATCH] fat: use fat_fs_error() instead of BUG_ON() in __fat_get_block() If file size and FAT cluster chain is not matched (corrupted image), we can hit BUG_ON(!phys) in __fat_get_block(). So, use fat_fs_error() instead. [hirofumi@mail.parknet.co.jp: fix printk warning] Link: http://lkml.kernel.org/r/87po12aq5p.fsf@mail.parknet.co.jp Link: http://lkml.kernel.org/r/874lilcu67.fsf@mail.parknet.co.jp Signed-off-by: OGAWA Hirofumi Reported-by: Anatoly Trosinenko Tested-by: Anatoly Trosinenko Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/fat/inode.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fs/fat/inode.c b/fs/fat/inode.c index ffbbf0520d9e..4f818f7fa155 100644 --- a/fs/fat/inode.c +++ b/fs/fat/inode.c @@ -158,8 +158,14 @@ static inline int __fat_get_block(struct inode *inode, sector_t iblock, err = fat_bmap(inode, iblock, &phys, &mapped_blocks, create, false); if (err) return err; + if (!phys) { + fat_fs_error(sb, + "invalid FAT chain (i_pos %lld, last_block %llu)", + MSDOS_I(inode)->i_pos, + (unsigned long long)last_block); + return -EIO; + } - BUG_ON(!phys); BUG_ON(*max_blocks != mapped_blocks); set_buffer_new(bh_result); map_bh(bh_result, sb, phys);
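Review bot: the `BUG_ON(*max_blocks != mapped_blocks);` left in place directly after the new `if (!phys)` block still halts the kernel on an inconsistency in values returned by the same `fat_bmap()` call, so it should either get the same `fat_fs_error()` plus `return -EIO` treatment or a comment explaining why a corrupted image cannot make `mapped_blocks` disagree with `*max_blocks` once `phys` is non-zero. A smaller point on the new message: `last_block` is cast to `unsigned long long` for `%llu`, while `MSDOS_I(inode)->i_pos` is passed to `%lld` without a cast; casting it to `long long` as well would keep the two arguments consistent and make the format string independent of how the type is defined.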