From: Andrea Arcangeli <andrea@suse.de>
To: "H . J . Lu" <hjl@valinux.com>
Cc: linux kernel <linux-kernel@vger.kernel.org>
Subject: Re: lseek/llseek allows the negative offset
Date: Sat, 18 Nov 2000 19:25:42 +0100
Message-ID: <20001118192542.B24555@athlon.random>
In-Reply-To: <20001117155913.A26622@valinux.com> <20001117160900.A27010@valinux.com>
In-Reply-To: <20001117160900.A27010@valinux.com>; from hjl@valinux.com on Fri, Nov 17, 2000 at 04:09:00PM -0800
On Fri, Nov 17, 2000 at 04:09:00PM -0800, H . J . Lu wrote:
> On Fri, Nov 17, 2000 at 03:59:13PM -0800, H . J . Lu wrote:
> > # gcc x.c
> > # ./a.out
> > lseek on -100000: -100000
> > write: File too large
> >
> > Should kernel allow negative offsets for lseek/llseek?
> >
> >
>
> Never mind. I was running the wrong kernel.
With 2.2.18pre21aa2 this little proggy:
main()
{
	int fd = creat("x", 0600);
	lseek(fd, 0x80000000, 0);
}
gets confused this way:
lseek(3, 2147483648, SEEK_SET) = -1 ERRNO_0 (Success)
_exit(-2147483648) = ?
I fixed it this way:
diff -urN 2.2.18pre21/fs/read_write.c lseek/fs/read_write.c
--- 2.2.18pre21/fs/read_write.c Tue Sep 5 02:28:49 2000
+++ lseek/fs/read_write.c Sat Nov 18 18:42:55 2000
@@ -53,6 +53,10 @@
struct dentry * dentry;
struct inode * inode;
+ retval = -EINVAL;
+ if (offset < 0)
+ goto out_nolock;
+
lock_kernel();
retval = -EBADF;
file = fget(fd);
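Review bot: The new "if (offset < 0)" test at the top of this hunk runs before the origin is examined, so it also refuses a negative offset for a relative seek (origin 1 or 2), where stepping backwards from the current position or from end of file is valid as long as the resulting position is not negative. Consider applying the sign test only for origin 0, or testing the resulting position instead. The test also sits ahead of "file = fget(fd);", so a bad descriptor combined with a negative offset now returns -EINVAL rather than -EBADF; if that ordering is intended, a short comment would help.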
@@ -69,6 +73,7 @@
fput(file);
bad:
unlock_kernel();
+out_nolock:
return retval;
}
@@ -83,6 +88,11 @@
struct inode * inode;
loff_t offset;
+ retval = -EINVAL;
+ offset = ((loff_t) offset_high << 32) | offset_low;
+ if (offset < 0)
+ goto out_nolock;
+
lock_kernel();
retval = -EBADF;
file = fget(fd);
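Review bot: The "if (offset < 0)" test here has the same reach as the one in the lseek hunk: it precedes the "origin > 2" validation further down and applies to every origin, so a negative 64-bit offset is refused for relative seeks as well. Restricting it to origin 0, or checking the value llseek() returns, would keep backward seeks working. The line "offset = ((loff_t) offset_high << 32) | offset_low;" would also benefit from a one-line comment stating that offset_low is expected to be unsigned, since a sign-extended low half would overwrite the high bits.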
@@ -96,8 +106,7 @@
if (origin > 2)
goto out_putf;
- offset = llseek(file, ((loff_t) offset_high << 32) | offset_low,
- origin);
+ offset = llseek(file, offset, origin);
retval = (int)offset;
if (offset >= 0) {
@@ -109,6 +118,7 @@
fput(file);
bad:
unlock_kernel();
+out_nolock:
return retval;
}
#endif
I've not tried yet in practice but by reading sources 2.4.x has the same bug
since doing the check internally to ext2 is too late to handle the 32bit
(non-lfs) lseek interface. After moving the checks into the vfs (that seems
the right thing to do to me) the check internally to ext2 can be removed of
course (it was superfluous anyways because ext2 file size is limited to 4T
that's not negative value in 64bit signed math)
Andrea
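
Added example, not part of the original message or of the kernel source: a user-space C model of the offset handling discussed above. It shows how 0x80000000 turns negative through the 32-bit interface but not through llseek, the entry check in the style of the patch, and, going beyond the patch, a check on the resulting position that still accepts backward relative seeks. All function and constant names are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdint.h>

/* User-space model with assumed names; this is not kernel code. */
enum { ORIGIN_SET = 0, ORIGIN_CUR = 1, ORIGIN_END = 2 };

/* 32-bit (non-LFS) lseek: the argument is read as a signed 32-bit off_t. */
int64_t offset_from_lseek32(uint32_t raw)
{
    return (int32_t)raw;    /* 0x80000000 wraps to a negative value (gcc/clang) */
}

/* llseek: two 32-bit halves are combined into one signed 64-bit offset. */
int64_t offset_from_llseek(uint32_t high, uint32_t low)
{
    return (int64_t)(((uint64_t)high << 32) | low);
}

/* Entry check in the style of the patch: a negative offset is -EINVAL. */
int64_t check_entry(int64_t offset)
{
    return offset < 0 ? -EINVAL : offset;
}

/* Generalized check on the resulting position. pos and size must be >= 0.
 * Error codes follow POSIX lseek: EINVAL for a negative result or bad
 * origin, EOVERFLOW when the result does not fit the offset type. */
int64_t check_result(int64_t pos, int64_t size, int64_t offset, int origin)
{
    int64_t base;

    switch (origin) {
    case ORIGIN_SET: base = 0;    break;
    case ORIGIN_CUR: base = pos;  break;
    case ORIGIN_END: base = size; break;
    default:         return -EINVAL;
    }
    if (offset > 0 && base > INT64_MAX - offset)
        return -EOVERFLOW;
    /* base >= 0 here, so base + offset cannot overflow for offset <= 0 */
    return base + offset < 0 ? -EINVAL : base + offset;
}
```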