Date: Mon, 23 Jan 2012 16:28:36 +0000 (UTC) From: Jaakko Heinonen <jh@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r230485 - stable/9/sys/fs/pseudofs Message-ID: <201201231628.q0NGSaMw034349@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jh Date: Mon Jan 23 16:28:35 2012 New Revision: 230485 URL: http://svn.freebsd.org/changeset/base/230485 Log: MFC r229694: r222004 changed sbuf_finish() to not clear the buffer error status. As a consequence sbuf_len() will return -1 for buffers which had the error status set prior to sbuf_finish() call. This causes a problem in pfs_read() which purposely uses a fixed size sbuf to discard bytes which are not needed to fulfill the read request. Work around the problem by using the full buffer length when sbuf_finish() indicates an overflow. An overflowed sbuf with fixed size is always full. PR: kern/163076 Modified: stable/9/sys/fs/pseudofs/pseudofs_vnops.c Directory Properties: stable/9/sys/ (props changed) stable/9/sys/amd64/include/xen/ (props changed) stable/9/sys/boot/ (props changed) stable/9/sys/boot/i386/efi/ (props changed) stable/9/sys/boot/ia64/efi/ (props changed) stable/9/sys/boot/ia64/ski/ (props changed) stable/9/sys/boot/powerpc/boot1.chrp/ (props changed) stable/9/sys/boot/powerpc/ofw/ (props changed) stable/9/sys/cddl/contrib/opensolaris/ (props changed) stable/9/sys/conf/ (props changed) stable/9/sys/contrib/dev/acpica/ (props changed) stable/9/sys/contrib/octeon-sdk/ (props changed) stable/9/sys/contrib/pf/ (props changed) stable/9/sys/contrib/x86emu/ (props changed) Modified: stable/9/sys/fs/pseudofs/pseudofs_vnops.c ============================================================================== --- stable/9/sys/fs/pseudofs/pseudofs_vnops.c Mon Jan 23 16:17:54 2012 (r230484) +++ stable/9/sys/fs/pseudofs/pseudofs_vnops.c Mon Jan 23 16:28:35 2012 (r230485) @@ -630,14 +630,14 @@ pfs_read(struct vop_read_args *va) if (uio->uio_offset < 0 || uio->uio_resid < 0 || (offset = uio->uio_offset) != uio->uio_offset || (resid = uio->uio_resid) != uio->uio_resid || - (buflen = offset + resid + 1) < offset || buflen > INT_MAX) { + (buflen = offset + resid) < offset || buflen >= INT_MAX) { error = EINVAL; goto ret; } - if (buflen > MAXPHYS + 1) - buflen = MAXPHYS + 1; + if (buflen > MAXPHYS) + buflen = MAXPHYS; - sb = sbuf_new(sb, NULL, buflen, 0); + sb = sbuf_new(sb, NULL, buflen + 1, 0); if (sb == NULL) { error = EIO; goto ret; @@ -650,8 +650,14 @@ pfs_read(struct vop_read_args *va) goto ret; } - sbuf_finish(sb); - error = uiomove_frombuf(sbuf_data(sb), sbuf_len(sb), uio); + /* + * XXX: If the buffer overflowed, sbuf_len() will not return + * the data length. Then just use the full length because an + * overflowed sbuf must be full. + */ + if (sbuf_finish(sb) == 0) + buflen = sbuf_len(sb); + error = uiomove_frombuf(sbuf_data(sb), buflen, uio); sbuf_delete(sb); ret: vn_lock(vn, locked | LK_RETRY);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201201231628.q0NGSaMw034349>