btrfs: compression: add an ASSERT() to ensure the read-in length is sane

There are already two bugs (one in zlib, one in zstd) that involved
compression path is not handling sector size < page size cases well.

So it makes more sense to make sure that btrfs_compress_folios() returns

Since we already have two bugs (one in zlib, one in zstd) in the
compression path resulting the @total_in be to larger than the
to-be-compressed range length, there is enough reason to add an ASSERT()
to make sure the total read-in length doesn't exceed the input length.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/compression.c b/fs/btrfs/compression.c
index 90aef2627ca27b104e9929a1b384c35348ed103b..6e9c4a5e0d51af5a2efc5141880bbc6026c1e189 100644 (file)
--- a/fs/btrfs/compression.c
+++ b/fs/btrfs/compression.c
@@ -1030,6 +1030,7 @@ int btrfs_compress_folios(unsigned int type_level, struct address_space *mapping
 {
        int type = btrfs_compress_type(type_level);
        int level = btrfs_compress_level(type_level);
+       const unsigned long orig_len = *total_out;
        struct list_head *workspace;
        int ret;
 
@@ -1037,6 +1038,8 @@ int btrfs_compress_folios(unsigned int type_level, struct address_space *mapping
        workspace = get_workspace(type, level);
        ret = compression_compress_pages(type, workspace, mapping, start, folios,
                                         out_folios, total_in, total_out);
+       /* The total read-in bytes should be no larger than the input. */
+       ASSERT(*total_in <= orig_len);
        put_workspace(type, workspace);
        return ret;
 }