Re: [PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]

From: Marcel Sebek
Date: Sun Feb 13 2005 - 12:30:25 EST

Next message: Russell King: "Re: ARM undefined symbols. Again."
Previous message: Olaf Hering: "[PATCH] typos in toplevel Makefile"
In reply to: Luca: "[PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]"
Next in thread: Luca: "Re: [PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Feb 13, 2005 at 04:44:16PM +0100, Luca wrote:
> Linus Torvalds <torvalds@xxxxxxxx> ha scritto:
> > this is hopefully the last -rc kernel before the real 2.6.11, so please
> > give it a whirl, and complain loudly about anything broken.
>
> The following patch against 2.6.11-rc4 fixes this compile time warning:
>
> CC [M] fs/cifs/file.o
> fs/cifs/file.c: In function `cifs_user_read':
> fs/cifs/file.c:1168: warning: ignoring return value of
> `copy_to_user', declared with attribute warn_unused_result
>
> I also added an explicit check for errors other than -EAGAIN, since
> CIFSSMBRead may return -ENOMEM if it's unable to allocate smb_com_read_rsp;
> in that case we don't want to call copy_to_user with a NULL pointer.
>
> Signed-off-by: Luca Tettamanti <kronoz@xxxxxxxxxxxxxx>
>
> --- a/fs/cifs/file.c 2005-02-03 17:58:07.000000000 +0100
> +++ b/fs/cifs/file.c 2005-02-03 18:17:37.000000000 +0100
> @@ -1151,7 +1151,7 @@
> current_read_size = min_t(const int,read_size - total_read,cifs_sb->rsize);
> rc = -EAGAIN;
> smb_read_data = NULL;
> - while(rc == -EAGAIN) {
> + while(1) {
> if ((open_file->invalidHandle) && (!open_file->closePend)) {
> rc = cifs_reopen_file(file->f_dentry->d_inode,
> file,TRUE);
> @@ -1164,13 +1164,22 @@
> current_read_size, *poffset,
> &bytes_read, &smb_read_data);
>
> + if (rc == -EAGAIN)
> + continue;
> + else
> + break;
> +
> pSMBr = (struct smb_com_read_rsp *)smb_read_data;
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Perhaps this line and the following lines are never executed with your
patch, am I right?

> - copy_to_user(current_offset,smb_read_data + 4/* RFC1001 hdr*/
> + rc = copy_to_user(current_offset,smb_read_data + 4/* RFC1001 hdr*/
> + le16_to_cpu(pSMBr->DataOffset), bytes_read);
> if(smb_read_data) {
> cifs_buf_release(smb_read_data);
> smb_read_data = NULL;
> }
> + if (rc) {
> + FreeXid(xid);
> + return -EFAULT;
> + }
> }
> if (rc || (bytes_read == 0)) {
> if (total_read) {
>
>

--
Marcel Sebek
jabber: sebek@xxxxxxxxx ICQ: 279852819
linux user number: 307850 GPG ID: 5F88735E
GPG FP: 0F01 BAB8 3148 94DB B95D 1FCA 8B63 CA06 5F88 735E

Attachment: signature.asc
Description: Digital signature

Next message: Russell King: "Re: ARM undefined symbols. Again."
Previous message: Olaf Hering: "[PATCH] typos in toplevel Makefile"
In reply to: Luca: "[PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]"
Next in thread: Luca: "Re: [PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]