qnx4_block_map() may return -EIO on funny qnx4 fs image, in this case do
not interpret -EIO as a correct address
Signed-off-by: Tong Zhang <ztong0...@gmail.com>
---
v2: also check other callers according to Anders Larsen's<a...@alarsen.net>
comment
fs/qnx4/dir.c | 2 ++
fs/qnx4/inode.c | 2 ++
fs/qnx4/namei.c | 3 +++
3 files changed, 7 insertions(+)
diff --git a/fs/qnx4/dir.c b/fs/qnx4/dir.c
index a6ee23aadd28..11aaf59f0411 100644
--- a/fs/qnx4/dir.c
+++ b/fs/qnx4/dir.c
@@ -31,6 +31,8 @@ static int qnx4_readdir(struct file *file, struct dir_context
*ctx)
while (ctx->pos < inode->i_size) {
blknum = qnx4_block_map(inode, ctx->pos >>
QNX4_BLOCK_SIZE_BITS);
+ if (blknum == -EIO)
+ return -EIO;
bh = sb_bread(inode->i_sb, blknum);
if (bh == NULL) {
printk(KERN_ERR "qnx4_readdir: bread failed (%ld)\n",
blknum);
diff --git a/fs/qnx4/inode.c b/fs/qnx4/inode.c
index e8da1cde87b9..d3a40c5b1a9a 100644
--- a/fs/qnx4/inode.c
+++ b/fs/qnx4/inode.c
@@ -59,6 +59,8 @@ static int qnx4_get_block( struct inode *inode, sector_t
iblock, struct buffer_h
QNX4DEBUG((KERN_INFO "qnx4: qnx4_get_block inode=[%ld]
iblock=[%ld]\n",inode->i_ino,iblock));
phys = qnx4_block_map( inode, iblock );
+ if (phys == -EIO)
+ return -EIO;
if ( phys ) {
// logical block is before EOF
map_bh(bh, inode->i_sb, phys);
diff --git a/fs/qnx4/namei.c b/fs/qnx4/namei.c
index 8d72221735d7..164e0c07e3ff 100644
--- a/fs/qnx4/namei.c
+++ b/fs/qnx4/namei.c
@@ -66,6 +66,8 @@ static struct buffer_head *qnx4_find_entry(int len, struct
inode *dir,
while (blkofs * QNX4_BLOCK_SIZE + offset < dir->i_size) {
if (!bh) {
block = qnx4_block_map(dir, blkofs);
+ if (block == -EIO)
+ goto out;
if (block)
bh = sb_bread(dir->i_sb, block);
if (!bh) {
@@ -88,6 +90,7 @@ static struct buffer_head *qnx4_find_entry(int len, struct
inode *dir,
blkofs++;
}
brelse(bh);
+out:
*res_dir = NULL;
return NULL;
}
--
2.25.1
