Btrfs: fix error handling in map_private_extent_buffer
authorLiu Bo <bo.li.liu@oracle.com>
Sat, 18 Jun 2016 02:16:21 +0000 (19:16 -0700)
committerChris Mason <clm@fb.com>
Thu, 23 Jun 2016 17:44:40 +0000 (10:44 -0700)
commit415b35a55b57a701afe7391d32a6bb0193b7d3da
tree2e54dbe6ce61612eb8661107fded18fd656c1289
parent04e1b65af2085d4102b2b5d2fd1e050f8ee63092
Btrfs: fix error handling in map_private_extent_buffer

map_private_extent_buffer() can return -EINVAL in two different cases,
1. when the requested contents span two pages if nodesize is larger
   than pagesize,
2. when it detects something insane.

The 2nd one used to be only a WARN_ON(1), and we decided to return a error
to callers, but we didn't fix up all its callers, which will be
addressed by this patch.

Without this, btrfs may end up with 'general protection', ie.
reading invalid memory.

Reported-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Chris Mason <clm@fb.com>
fs/btrfs/ctree.c
fs/btrfs/extent_io.c