From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: AH8x2252txJArhXZmY15f7apN/rCVtLX3aOytohGBHNfPkxLHDdK8Ax1VYcl0qEIcGDmJqwamQgs ARC-Seal: i=1; a=rsa-sha256; t=1517256360; cv=none; d=google.com; s=arc-20160816; b=kmlBEE0aP3RTo17CVx3Wb/B8EsfgPgs0N6AF41rGEi+J8acBxLb2Z9M3BWbwsFaBxa eD/ZL7BaZmldMClwZbW+YDmM2+JEW/bq/EvTSu3SH2jvehTM680V9xCU3cYGnebxqZyX QqJdsaW3egEVrgnF52I8bKFdnzWKb+lMAJMK2wG6wJrEqH5mAPf/Z5q7OrSB6/zZIarv tHheG0J3+NVuSG79Si34siTTSoi0ThcUCRtqLzyyrQOwxB6k7cHUkLLhywT7Aevowq/E z58a7X7o8rDtRyhJT9V/1dIVc0NDR6ZOgBZrxfqYfJcMYr3qR4BYgFde5lH/6q9IUkje 9ERw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:user-agent:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=pbWbbz83cNfMNwhU8ETvYZcUtnV+N7oeXo0KR0iYqvE=; b=nusRXQYmg1x86r1RU7MNU6BXqjGLPhVR4hLWqBk7QuTu2rZZS04OfRM1m5Jh1q9F+p So/M+0OnxcT2v/DDt8D6qd1jB9EgnCpDcGAcwd9rv914GpfnGxwocKKqtcDOJJmIL9an McYde5ddLPIJGXCl1Eqnahybp1/w7bfjf63LtCZ/muUbJo+rfEmpg/VaC+dNCBJTRzRs aImto/v8R7HZVnkF6kVQiceevRU+QTQs4RoLTAHP1wzNO2QQLh7eQMrDzQZ1NCLX3ll2 XsAyXU+oxPb1VaKCNBPPi9bgkBiaej+lsC+KEuIPPa8t9NRGndIwQDS9zfFjYiHndiuF j0mw== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning gregkh@linuxfoundation.org does not designate 90.92.71.90 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning gregkh@linuxfoundation.org does not designate 90.92.71.90 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jiri Slaby , Davidlohr Bueso , Manfred Spraul , Andrew Morton , Linus Torvalds Subject: [PATCH 3.18 26/52] ipc: msg, make msgrcv work with LONG_MIN Date: Mon, 29 Jan 2018 13:56:44 +0100 Message-Id: <20180129123629.344248437@linuxfoundation.org> X-Mailer: git-send-email 2.16.1 In-Reply-To: <20180129123628.168904217@linuxfoundation.org> References: <20180129123628.168904217@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-LABELS: =?utf-8?b?IlxcU2VudCI=?= X-GMAIL-THRID: =?utf-8?q?1590958517461058476?= X-GMAIL-MSGID: =?utf-8?q?1590958605680967630?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: 3.18-stable review patch. If anyone has any objections, please let me know. ------------------ From: Jiri Slaby commit 999898355e08ae3b92dfd0a08db706e0c6703d30 upstream. When LONG_MIN is passed to msgrcv, one would expect to recieve any message. But convert_mode does *msgtyp = -*msgtyp and -LONG_MIN is undefined. In particular, with my gcc -LONG_MIN produces -LONG_MIN again. So handle this case properly by assigning LONG_MAX to *msgtyp if LONG_MIN was specified as msgtyp to msgrcv. This code: long msg[] = { 100, 200 }; int m = msgget(IPC_PRIVATE, IPC_CREAT | 0644); msgsnd(m, &msg, sizeof(msg), 0); msgrcv(m, &msg, sizeof(msg), LONG_MIN, 0); produces currently nothing: msgget(IPC_PRIVATE, IPC_CREAT|0644) = 65538 msgsnd(65538, {100, "\310\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16, 0) = 0 msgrcv(65538, ... Except a UBSAN warning: UBSAN: Undefined behaviour in ipc/msg.c:745:13 negation of -9223372036854775808 cannot be represented in type 'long int': With the patch, I see what I expect: msgget(IPC_PRIVATE, IPC_CREAT|0644) = 0 msgsnd(0, {100, "\310\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16, 0) = 0 msgrcv(0, {100, "\310\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16, -9223372036854775808, 0) = 16 Link: http://lkml.kernel.org/r/20161024082633.10148-1-jslaby@suse.cz Signed-off-by: Jiri Slaby Cc: Davidlohr Bueso Cc: Manfred Spraul Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- ipc/msg.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- a/ipc/msg.c +++ b/ipc/msg.c @@ -740,7 +740,10 @@ static inline int convert_mode(long *msg if (*msgtyp == 0) return SEARCH_ANY; if (*msgtyp < 0) { - *msgtyp = -*msgtyp; + if (*msgtyp == LONG_MIN) /* -LONG_MIN is undefined */ + *msgtyp = LONG_MAX; + else + *msgtyp = -*msgtyp; return SEARCH_LESSEQUAL; } if (msgflg & MSG_EXCEPT)