Re: [PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]
On Sun, Feb 13, 2005 at 04:44:16PM +0100, Luca wrote: > Linus Torvalds <[EMAIL PROTECTED]> ha scritto: > > this is hopefully the last -rc kernel before the real 2.6.11, so please > > give it a whirl, and complain loudly about anything broken. > > The following patch against 2.6.11-rc4 fixes this compile time warning: > > CC [M] fs/cifs/file.o > fs/cifs/file.c: In function `cifs_user_read': > fs/cifs/file.c:1168: warning: ignoring return value of > `copy_to_user', declared with attribute warn_unused_result > > I also added an explicit check for errors other than -EAGAIN, since > CIFSSMBRead may return -ENOMEM if it's unable to allocate smb_com_read_rsp; > in that case we don't want to call copy_to_user with a NULL pointer. > > Signed-off-by: Luca Tettamanti <[EMAIL PROTECTED]> > > --- a/fs/cifs/file.c 2005-02-03 17:58:07.0 +0100 > +++ b/fs/cifs/file.c 2005-02-03 18:17:37.0 +0100 > @@ -1151,7 +1151,7 @@ > current_read_size = min_t(const int,read_size - > total_read,cifs_sb->rsize); > rc = -EAGAIN; > smb_read_data = NULL; > - while(rc == -EAGAIN) { > + while(1) { > if ((open_file->invalidHandle) && > (!open_file->closePend)) { > rc = cifs_reopen_file(file->f_dentry->d_inode, > file,TRUE); > @@ -1164,13 +1164,22 @@ >current_read_size, *poffset, >_read, _read_data); > > + if (rc == -EAGAIN) > + continue; > + else > + break; > + > pSMBr = (struct smb_com_read_rsp *)smb_read_data; ^ Perhaps this line and the following lines are never executed with your patch, am I right? > - copy_to_user(current_offset,smb_read_data + 4/* RFC1001 > hdr*/ > + rc = copy_to_user(current_offset,smb_read_data + 4/* > RFC1001 hdr*/ > + le16_to_cpu(pSMBr->DataOffset), bytes_read); > if(smb_read_data) { > cifs_buf_release(smb_read_data); > smb_read_data = NULL; > } > + if (rc) { > + FreeXid(xid); > + return -EFAULT; > + } > } > if (rc || (bytes_read == 0)) { > if (total_read) { > > -- Marcel Sebek jabber: [EMAIL PROTECTED] ICQ: 279852819 linux user number: 307850 GPG ID: 5F88735E GPG FP: 0F01 BAB8 3148 94DB B95D 1FCA 8B63 CA06 5F88 735E signature.asc Description: Digital signature
Re: [PATCH 2.6] Check return value of copy_to_user in fs/cifs/file.c [Re: Linux 2.6.11-rc4]
On Sun, Feb 13, 2005 at 04:44:16PM +0100, Luca wrote: Linus Torvalds [EMAIL PROTECTED] ha scritto: this is hopefully the last -rc kernel before the real 2.6.11, so please give it a whirl, and complain loudly about anything broken. The following patch against 2.6.11-rc4 fixes this compile time warning: CC [M] fs/cifs/file.o fs/cifs/file.c: In function `cifs_user_read': fs/cifs/file.c:1168: warning: ignoring return value of `copy_to_user', declared with attribute warn_unused_result I also added an explicit check for errors other than -EAGAIN, since CIFSSMBRead may return -ENOMEM if it's unable to allocate smb_com_read_rsp; in that case we don't want to call copy_to_user with a NULL pointer. Signed-off-by: Luca Tettamanti [EMAIL PROTECTED] --- a/fs/cifs/file.c 2005-02-03 17:58:07.0 +0100 +++ b/fs/cifs/file.c 2005-02-03 18:17:37.0 +0100 @@ -1151,7 +1151,7 @@ current_read_size = min_t(const int,read_size - total_read,cifs_sb-rsize); rc = -EAGAIN; smb_read_data = NULL; - while(rc == -EAGAIN) { + while(1) { if ((open_file-invalidHandle) (!open_file-closePend)) { rc = cifs_reopen_file(file-f_dentry-d_inode, file,TRUE); @@ -1164,13 +1164,22 @@ current_read_size, *poffset, bytes_read, smb_read_data); + if (rc == -EAGAIN) + continue; + else + break; + pSMBr = (struct smb_com_read_rsp *)smb_read_data; ^ Perhaps this line and the following lines are never executed with your patch, am I right? - copy_to_user(current_offset,smb_read_data + 4/* RFC1001 hdr*/ + rc = copy_to_user(current_offset,smb_read_data + 4/* RFC1001 hdr*/ + le16_to_cpu(pSMBr-DataOffset), bytes_read); if(smb_read_data) { cifs_buf_release(smb_read_data); smb_read_data = NULL; } + if (rc) { + FreeXid(xid); + return -EFAULT; + } } if (rc || (bytes_read == 0)) { if (total_read) { -- Marcel Sebek jabber: [EMAIL PROTECTED] ICQ: 279852819 linux user number: 307850 GPG ID: 5F88735E GPG FP: 0F01 BAB8 3148 94DB B95D 1FCA 8B63 CA06 5F88 735E signature.asc Description: Digital signature