Re: [PATCH] Limit sendfile() to 2^31-PAGE_CACHE_SIZE bytes withouterror

[H. Peter Anvin]

Linus Torvalds wrote:
> On Wed, 4 Jan 2006, Linus Torvalds wrote:
>
> > On Tue, 3 Jan 2006, H. Peter Anvin wrote:
> >
> > > (I set the limit to 2^31-PAGE_CACHE_SIZE so that a transfer that starts at the
> > > beginning of the file will continue to be page-aligned.)
> >
> > Ok, this patch looks ok, if it's confirmed to unbreak apache.
>
> Actually, looking closer, this patch does the wrong thing for a size_t 
> that is negative in ssize_t (which is technically "undefined behaviour" in 
> POSIX, but turning it into a big positive number is objectively worse than 
> returning -EINVAL).

OK, that's a fair cop.  I agree.  In fact, for readv/writev(), POSIX 
does specify:

"If the sum of the iov_len values is greater than {SSIZE_MAX}, the 
operation shall fail and no data shall be tranferred."

... which is good precedence for doing so for all values.

So, what system calls are affected?  sendfile, [p]read[v], [p]write[v], 
send*, recv*, any others?

	-hpa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/