Skip to content

Commit

Permalink
pipe: fix check in "set size" fcntl
Browse files Browse the repository at this point in the history 
As it stands this check compares the number of pages to the page size.
This makes no sense and makes the fcntl fail in almost any sane case.

Fix it by checking if nr_pages is not zero (it can become zero only if
arg is too big and round_pipe_size() overflows).

Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
  • Loading branch information
Miklos Szeredi authored and Jens Axboe committed Jun 10, 2010
1 parent 1d862f4 commit 6db40cf
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions fs/pipe.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1215,12 +1215,13 @@ long pipe_fcntl(struct file *file, unsigned int cmd, unsigned long arg)
size = round_pipe_size(arg);
nr_pages = size >> PAGE_SHIFT;

ret = -EINVAL;
if (!nr_pages)
goto out;

if (!capable(CAP_SYS_RESOURCE) && size > pipe_max_size) {
ret = -EPERM;
goto out;
} else if (nr_pages < PAGE_SIZE) {
ret = -EINVAL;
goto out;
}
ret = pipe_set_size(pipe, nr_pages);
break;
Expand Down

0 comments on commit 6db40cf

Please sign in to comment.