From d4e8e135a9af7d8d939bba1874ab314322fc2dc2 Mon Sep 17 00:00:00 2001
From: Kari Argillander <kari.argillander@gmail.com>
Date: Wed, 25 Aug 2021 21:24:35 +0300
Subject: [Backport d4e8e135a9af] src: Fix integer overflow in ni_fiemap
 with fiemap_prep()

Use fiemap_prep() to check valid flags. It also shrink request scope
(@len) to what the fs can actually handle.

This address following Smatch static checker warning:
	src/frecord.c:1894 ni_fiemap()
	warn: potential integer overflow from user 'vbo + len'

Because fiemap_prep() shrinks @len this cannot happened anymore.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: lore.kernel.org/ntfs3/20210825080440.GA17407@kili/

Fixes: 4342306f0f0d ("src: Add file operations and implementation")
Signed-off-by: Kari Argillander <kari.argillander@gmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
---
 src/file.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/file.c b/src/file.c
index 89557d60a9b0f0e657ce9465504b417bbb50ed04..f9c9a8c91b46d6fad597c954c3b4a2cd331ebfb6 100644
--- a/src/file.c
+++ b/src/file.c
@@ -1212,8 +1212,9 @@ int ntfs_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
 	int err;
 	struct ntfs_inode *ni = ntfs_i(inode);
 
-	if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR)
-		return -EOPNOTSUPP;
+	err = fiemap_prep(inode, fieinfo, start, &len, ~FIEMAP_FLAG_XATTR);
+	if (err)
+		return err;
 
 	ni_lock(ni);
 
-- 
2.31.1