hfsplus: fix overflow in hfsplus_get_block

For filesystems larger than 2TB the final sector number passed to
map_bh might overflow the range representable in a 32-bit data type.
Make sure we use a sector_t for it and the arithmetics calculating it.

Signed-off-by: Christoph Hellwig <hch@tuxera.com>

diff --git a/fs/hfsplus/extents.c b/fs/hfsplus/extents.c
index b1991a2..b9c1a4b 100644 (file)
--- a/fs/hfsplus/extents.c
+++ b/fs/hfsplus/extents.c
@@ -209,6 +209,7 @@ int hfsplus_get_block(struct inode *inode, sector_t iblock,
        struct hfsplus_inode_info *hip = HFSPLUS_I(inode);
        int res = -EIO;
        u32 ablock, dblock, mask;
+       sector_t sector;
        int was_dirty = 0;
        int shift;
 
@@ -255,10 +256,12 @@ int hfsplus_get_block(struct inode *inode, sector_t iblock,
 done:
        dprint(DBG_EXTENT, "get_block(%lu): %llu - %u\n",
                inode->i_ino, (long long)iblock, dblock);
+
        mask = (1 << sbi->fs_shift) - 1;
-       map_bh(bh_result, sb,
-               (dblock << sbi->fs_shift) + sbi->blockoffset +
-                       (iblock & mask));
+       sector = ((sector_t)dblock << sbi->fs_shift) +
+                 sbi->blockoffset + (iblock & mask);
+       map_bh(bh_result, sb, sector);
+
        if (create) {
                set_buffer_new(bh_result);
                hip->phys_size += sb->s_blocksize;