[PATCH 2.6.12-rc1-mm2] relayfs: properly handle oversized events
This patch fails writes larger than the sub-buffer size and prints a warning and stack trace when it happens. I chose this over BUG_ON() or silently failing since while it could probably be considered a bug for an application to let this happen, it's not fatal and the user would probably want to know (and change buffer sizes). Andrew, please apply. Thanks, Tom Signed-off-by: Tom Zanussi <[EMAIL PROTECTED]> diff -urpN -X dontdiff linux-2.6.12-rc1-mm2/fs/relayfs/relay.c linux-2.6.12-rc1-mm2-cur/fs/relayfs/relay.c --- linux-2.6.12-rc1-mm2/fs/relayfs/relay.c 2005-03-20 22:26:47.0 -0600 +++ linux-2.6.12-rc1-mm2-cur/fs/relayfs/relay.c 2005-03-20 23:32:50.0 -0600 @@ -378,7 +378,10 @@ unsigned relay_switch_subbuf(struct rcha int new, old, produced = atomic_read(>subbufs_produced); unsigned padding; - if (atomic_read(>unfull)) { + if (unlikely(length > buf->chan->subbuf_size)) + goto toobig; + + if (unlikely(atomic_read(>unfull))) { atomic_set(>unfull, 0); new = produced % buf->chan->n_subbufs; old = (produced - 1) % buf->chan->n_subbufs; @@ -410,7 +413,15 @@ unsigned relay_switch_subbuf(struct rcha new = (produced + 1) % buf->chan->n_subbufs; do_switch(buf, new, old); + if (unlikely(length + buf->offset > buf->chan->subbuf_size)) + goto toobig; + return length; + +toobig: + printk(KERN_WARNING "relayfs: event too large (%u)\n", length); + WARN_ON(1); + return 0; } /** - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 2.6.12-rc1-mm2] relayfs: properly handle oversized events
This patch fails writes larger than the sub-buffer size and prints a warning and stack trace when it happens. I chose this over BUG_ON() or silently failing since while it could probably be considered a bug for an application to let this happen, it's not fatal and the user would probably want to know (and change buffer sizes). Andrew, please apply. Thanks, Tom Signed-off-by: Tom Zanussi [EMAIL PROTECTED] diff -urpN -X dontdiff linux-2.6.12-rc1-mm2/fs/relayfs/relay.c linux-2.6.12-rc1-mm2-cur/fs/relayfs/relay.c --- linux-2.6.12-rc1-mm2/fs/relayfs/relay.c 2005-03-20 22:26:47.0 -0600 +++ linux-2.6.12-rc1-mm2-cur/fs/relayfs/relay.c 2005-03-20 23:32:50.0 -0600 @@ -378,7 +378,10 @@ unsigned relay_switch_subbuf(struct rcha int new, old, produced = atomic_read(buf-subbufs_produced); unsigned padding; - if (atomic_read(buf-unfull)) { + if (unlikely(length buf-chan-subbuf_size)) + goto toobig; + + if (unlikely(atomic_read(buf-unfull))) { atomic_set(buf-unfull, 0); new = produced % buf-chan-n_subbufs; old = (produced - 1) % buf-chan-n_subbufs; @@ -410,7 +413,15 @@ unsigned relay_switch_subbuf(struct rcha new = (produced + 1) % buf-chan-n_subbufs; do_switch(buf, new, old); + if (unlikely(length + buf-offset buf-chan-subbuf_size)) + goto toobig; + return length; + +toobig: + printk(KERN_WARNING relayfs: event too large (%u)\n, length); + WARN_ON(1); + return 0; } /** - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/