Re: [RFC][PATCH][bugfix] more checks for negative f_pos handling (Was Re: Question: how to handle too big f_pos

[AmÃrico Wang]

On Wed, Sep 16, 2009 at 4:44 PM, KAMEZAWA Hiroyuki
<kamezawa.hiroyu@xxxxxxxxxxxxxx> wrote:
> Ah, sorry. I should CC: you.


No problem. :)

>> > --- mmotm-2.6.31-Sep14.orig/fs/proc/base.c
>> > +++ mmotm-2.6.31-Sep14/fs/proc/base.c
>> > @@ -903,18 +903,30 @@ out_no_task:
>> >
>> > Âloff_t mem_lseek(struct file *file, loff_t offset, int orig)
>> > Â{
>> > + Â Â Â struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode);
>> > + Â Â Â unsigned long long new_offset = -EINVAL;
>>
>>
>> Why not make 'new_offset' as loff_t? This can make your code easier.
>>
> loff_t is "long long", I wanted "unsigned long long" for showing
> f_pos here is treated as "unsigned".
>


Yeah, the same as for __verify_negative_pos_range(), right...


<snip>

>> > Â Â Â Â}
>> > - Â Â Â force_successful_syscall_return();
>> > - Â Â Â return file->f_pos;
>> > + Â Â Â if (new_offset < (unsigned long long)TASK_SIZE_OF(task)) {
>>
>>
>> Hmm, why this check?
>>
> 2 reasons.
>
> Â1. If this lseek has to check something, this is it.
> Â2. On architecture where 32bit program can ran on 64bit,
> Â Â moving f_pos above 4G is out-of-range, for example.
>
> But mem_read() will catch any bad f_pos, anyway. So, just making
> allow all f_pos here is maybe a choice. Considering lseek,
> providing this range check here is not so bad.

Ok, I misunderstood the macro 'TASK_SIZE_OF', then no problem.

Reviewed-by: WANG Cong <xiyou.wangcong@xxxxxxxxx>

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/