On Tue, Apr 10, 2018 at 12:01:04AM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
>
> During the "insert range" fallocate operation, extents starting at the
> range offset are shifted "right" (to a higher file offset) by the range
> length. But, as shown by syzbot, it's not validated that this doesn't
> cause extents to be shifted beyond EXT_MAX_BLOCKS. In that case
> ->ee_block can wrap around, corrupting the extent tree.
>
> Fix it by returning an error if the space between the end of the last
> extent and EXT4_MAX_BLOCKS is smaller than the range being inserted.
>

Applied, thanks.

- Ted
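
The wraparound and the bounds check described in the quoted commit message, as an added user-space model (not the kernel patch and not code from this thread). `struct model_extent` and both function names are hypothetical, the extents are assumed to be sorted by start block, and `EXT_MAX_BLOCKS` is taken as 0xffffffff.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EXT_MAX_BLOCKS 0xffffffffU /* upper bound on logical block numbers */

/* Hypothetical stand-in for an extent: 32-bit start block plus a length. */
struct model_extent {
    uint32_t ee_block;
    uint16_t ee_len;
};

/* Unvalidated shift: 32-bit arithmetic silently wraps modulo 2^32. */
static uint32_t shift_right_unchecked(const struct model_extent *ex, uint32_t shift)
{
    return ex->ee_block + shift;
}

/*
 * Validated shift: fail with -EINVAL when the space between the end of the
 * last extent and EXT_MAX_BLOCKS is smaller than the range being inserted.
 * Nothing is modified on failure.
 */
static int shift_right_checked(struct model_extent *exts, size_t n, uint32_t shift)
{
    if (n == 0)
        return 0;

    /* Compute the end in 64 bits so the check itself cannot wrap. */
    uint64_t end = (uint64_t)exts[n - 1].ee_block + exts[n - 1].ee_len;
    if (end > EXT_MAX_BLOCKS || shift > EXT_MAX_BLOCKS - end)
        return -EINVAL;

    for (size_t i = 0; i < n; i++)
        exts[i].ee_block += shift;
    return 0;
}

int main(void)
{
    /* Constructed sample: the last extent ends 7 blocks below the limit. */
    struct model_extent ex[] = { { 100, 10 }, { 0xfffffff0U, 8 } };

    printf("unchecked start: %#x\n", (unsigned)shift_right_unchecked(&ex[1], 0x20));
    printf("checked result:  %d\n", shift_right_checked(ex, 2, 0x20));
    return 0;
}
```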