jfs: fix slab-out-of-bounds Read in dtSearch

Currently while searching for current page in the sorted entry table
of the page there is a out of bound access. Added a bound check to fix
the error.

Dave:
Set return code to -EIO

Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/r/202310241724.Ed02yUz9-lkp@intel.com/
Signed-off-by: Manas Ghandat <ghandatmanas@gmail.com>
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>

diff --git a/fs/jfs/jfs_dtree.c b/fs/jfs/jfs_dtree.c
index f3d3e8b3f50cd8ea36eedf53d15f6a3846ede12c..031d8f570f581f92f81eca48bf76062576d10cfd 100644 (file)
--- a/fs/jfs/jfs_dtree.c
+++ b/fs/jfs/jfs_dtree.c
@@ -633,6 +633,11 @@ int dtSearch(struct inode *ip, struct component_name * key, ino_t * data,
                for (base = 0, lim = p->header.nextindex; lim; lim >>= 1) {
                        index = base + (lim >> 1);
 
+                       if (stbl[index] < 0) {
+                               rc = -EIO;
+                               goto out;
+                       }
+
                        if (p->header.flag & BT_LEAF) {
                                /* uppercase leaf name to compare */
                                cmp =