In order to simplify truncate operation on the file which only has lower, we allow specifying larger size than lower file when calling ovl_copy_up_data(), so we should check actual copy size carefully before doing copy-up. Signed-off-by: Chengguang Xu <cgxu519@xxxxxxxxxxxx> --- fs/overlayfs/copy_up.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c index 8b92b3ba3c46..a1a9a150405a 100644 --- a/fs/overlayfs/copy_up.c +++ b/fs/overlayfs/copy_up.c @@ -156,6 +156,9 @@ static int ovl_copy_up_data(struct ovl_fs *ofs, struct path *old, goto out_fput; } + len = (len <= i_size_read(file_inode(old_file))) ? len : + i_size_read(file_inode(old_file)); + /* Try to use clone_file_range to clone up within the same fs */ cloned = do_clone_file_range(old_file, 0, new_file, 0, len, 0); if (cloned == len) -- 2.27.0
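Review bot: the clamp added before the do_clone_file_range() call evaluates i_size_read(file_inode(old_file)) twice and open-codes a minimum with a ternary. Read the size once and use the kernel helper, for example `len = min_t(loff_t, len, i_size_read(file_inode(old_file)));` (assuming len is a loff_t, which the hunk does not show). That way the comparison and the assignment cannot see two different sizes, and the intent is clearer. The reason len may exceed the lower file size is given only in the commit message, so a one-line comment above the clamp saying that callers may now pass a larger size for truncate would help the next reader. Also note that after the clamp len can be 0 for an empty lower file, and the clone call and the `cloned == len` check then run with a zero length. Please confirm that case behaves as intended.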