jfs: Regular file corruption check

[ Upstream commit 2d04df8116426b6c7b9f8b9b371250f666a2a2fb ] The reproducer builds a corrupted file on disk with a negative i_size value. Add a check when opening this file to avoid subsequent operation failures. Reported-by: syzbot+630f6d40b3ccabc8e96e@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=630f6d40b3ccabc8e96e Tested-by: syzbot+630f6d40b3ccabc8e96e@syzkaller.appspotmail.com Signed-off-by: Edward Adam Davis <eadavis@qq.com> Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Edward Adam Davis <eadavis@qq.com> 2025-06-04 14:48:43 +0800
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2025-08-20 18:30:42 +0200
commit: 00462be586b33076f8b8023e7ba697deedc131db (patch)
tree: 13d0075ccd10c59bcfcafa9caacc6ec9438adc39
parent: df3fd8daf278eca365f221749ae5b728e8382a04 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/jfs/file.c b/fs/jfs/file.c
index 01b6912e60f8..742cadd1f37e 100644
--- a/fs/jfs/file.c
+++ b/fs/jfs/file.c
@@ -44,6 +44,9 @@ static int jfs_open(struct inode *inode, struct file *file)
 {
 	int rc;
 
+	if (S_ISREG(inode->i_mode) && inode->i_size < 0)
+		return -EIO;
+
 	if ((rc = dquot_file_open(inode, file)))
 		return rc;
author	Edward Adam Davis <eadavis@qq.com>	2025-06-04 14:48:43 +0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2025-08-20 18:30:42 +0200
commit	00462be586b33076f8b8023e7ba697deedc131db (patch)
tree	13d0075ccd10c59bcfcafa9caacc6ec9438adc39
parent	df3fd8daf278eca365f221749ae5b728e8382a04 (diff)