Author: fsu Date: Fri Dec 22 17:19:08 2017 New Revision: 327087 URL: https://svnweb.freebsd.org/changeset/base/327087
Log: MFC r326808, r326824: Move buffer size checks outside of the vnode locks. Reviewed by: kib, cem, pfg (mentor) Approved by: pfg (mentor) Differential Revision: https://reviews.freebsd.org/D13405 Modified: stable/11/sys/kern/vfs_extattr.c Modified: stable/11/sys/kern/vfs_extattr.c ============================================================================== --- stable/11/sys/kern/vfs_extattr.c Fri Dec 22 17:15:02 2017 (r327086) +++ stable/11/sys/kern/vfs_extattr.c Fri Dec 22 17:19:08 2017 (r327087) @@ -165,6 +165,9 @@ extattr_set_vp(struct vnode *vp, int attrnamespace, co ssize_t cnt; int error; + if (nbytes > IOSIZE_MAX) + return (EINVAL); + error = vn_start_write(vp, &mp, V_WAIT | PCATCH); if (error) return (error); @@ -175,10 +178,6 @@ extattr_set_vp(struct vnode *vp, int attrnamespace, co auio.uio_iov = &aiov; auio.uio_iovcnt = 1; auio.uio_offset = 0; - if (nbytes > IOSIZE_MAX) { - error = EINVAL; - goto done; - } auio.uio_resid = nbytes; auio.uio_rw = UIO_WRITE; auio.uio_segflg = UIO_USERSPACE; @@ -197,7 +196,9 @@ extattr_set_vp(struct vnode *vp, int attrnamespace, co cnt -= auio.uio_resid; td->td_retval[0] = cnt; +#ifdef MAC done: +#endif VOP_UNLOCK(vp, 0); vn_finished_write(mp); return (error); @@ -328,6 +329,9 @@ extattr_get_vp(struct vnode *vp, int attrnamespace, co size_t size, *sizep; int error; + if (nbytes > IOSIZE_MAX) + return (EINVAL); + vn_lock(vp, LK_SHARED | LK_RETRY); /* @@ -344,10 +348,6 @@ extattr_get_vp(struct vnode *vp, int attrnamespace, co auio.uio_iov = &aiov; auio.uio_iovcnt = 1; auio.uio_offset = 0; - if (nbytes > IOSIZE_MAX) { - error = EINVAL; - goto done; - } auio.uio_resid = nbytes; auio.uio_rw = UIO_READ; auio.uio_segflg = UIO_USERSPACE; @@ -372,8 +372,9 @@ extattr_get_vp(struct vnode *vp, int attrnamespace, co td->td_retval[0] = cnt; } else td->td_retval[0] = size; - +#ifdef MAC done: +#endif VOP_UNLOCK(vp, 0); return (error); } @@ -636,6 +637,9 @@ extattr_list_vp(struct vnode *vp, int attrnamespace, v ssize_t cnt; int error; + if (nbytes > IOSIZE_MAX) + return (EINVAL); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); auiop = NULL; @@ -647,10 +651,6 @@ extattr_list_vp(struct vnode *vp, int attrnamespace, v auio.uio_iov = &aiov; auio.uio_iovcnt = 1; auio.uio_offset = 0; - if (nbytes > IOSIZE_MAX) { - error = EINVAL; - goto done; - } auio.uio_resid = nbytes; auio.uio_rw = UIO_READ; auio.uio_segflg = UIO_USERSPACE; @@ -674,8 +674,9 @@ extattr_list_vp(struct vnode *vp, int attrnamespace, v td->td_retval[0] = cnt; } else td->td_retval[0] = size; - +#ifdef MAC done: +#endif VOP_UNLOCK(vp, 0); return (error); } _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "[email protected]"
