[PATCH] erofs-utils: lib: fix global-buffer-overflow due to invalid device
Gao Xiang
hsiangkao at linux.alibaba.com
Fri Aug 9 02:03:43 AEST 2024
Fuzzer generates an image with crafted chunks of some invalid device.
Also refine the printed message of EOD.
Closes: https://github.com/erofs/erofsnightly/actions/runs/10172576269/job/28135408276
Closes: https://github.com/erofs/erofs-utils/issues/11
Signed-off-by: Gao Xiang <hsiangkao at linux.alibaba.com>
---
lib/io.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/io.c b/lib/io.c
index 6bfae69..fbeff03 100644
--- a/lib/io.c
+++ b/lib/io.c
@@ -342,6 +342,10 @@ ssize_t erofs_dev_read(struct erofs_sb_info *sbi, int device_id,
ssize_t read;
if (device_id) {
+ if (device_id >= sbi->nblobs) {
+ erofs_err("invalid device id %u", device_id);
+ return -EIO;
+ }
read = erofs_io_pread(&((struct erofs_vfile) {
.fd = sbi->blobfd[device_id - 1],
}), buf, offset, len);
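Review bot: the new bound in `if (device_id >= sbi->nblobs)` does not line up with the index used just below it, `sbi->blobfd[device_id - 1]`. Because the array is indexed with `device_id - 1`, this check also rejects `device_id == sbi->nblobs`, which would address slot `nblobs - 1`. If `blobfd` holds `nblobs` entries, that is the last valid blob and the comparison should be `>`; if `nblobs` already counts the primary device, a short comment saying so would make the `>=` self-explanatory. Separately, `device_id` is declared `int` in the signature, so a negative value taken from a crafted image still passes `if (device_id)` and, depending on the type of `nblobs`, may pass this check too and index before the start of `blobfd`. Rejecting `device_id < 0` here (or making the parameter unsigned) closes that path, and it would also make the `%u` in the error message match the argument type.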
@@ -352,7 +356,8 @@ ssize_t erofs_dev_read(struct erofs_sb_info *sbi, int device_id,
if (read < 0)
return read;
if (read < len) {
- erofs_info("reach EOF of device, pading with zeroes");
+ erofs_info("reach EOF of device @ %llu, pading with zeroes",
+ offset | 0ULL);
memset(buf + read, 0, len - read);
}
return 0;
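Review bot: the offset printed in the new `erofs_info()` message is the start of the request, not the point where the device ran out; the short read ends at `offset + read`, which is also where the `memset()` padding begins. Printing that value (or both `offset` and `read`) would make the message more useful when triaging a truncated or crafted image. On style, `offset | 0ULL` relies on integer promotion to satisfy `%llu`; an explicit `(unsigned long long)` cast says the same thing more readably. Since the string is being touched anyway, "pading" could be corrected to "padding", and including `device_id` would tell the reader which device hit EOF.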
--
2.43.5