spec_vnops.c uiomove() conversion

Wed, 13 Jan 2016 11:23:14 -0800 

Below the conversion to uiomove() for kern/spec_vnops.c. This diff
prevents truncation of uio_resid when passed to min().

Index: kern/spec_vnops.c
===================================================================
RCS file: /cvs/src/sys/kern/spec_vnops.c,v
retrieving revision 1.84
diff -u -p -u -r1.84 spec_vnops.c
--- kern/spec_vnops.c   5 Dec 2015 10:11:53 -0000       1.84
+++ kern/spec_vnops.c   13 Jan 2016 19:12:40 -0000
@@ -202,7 +202,8 @@ spec_read(void *v)
        daddr_t bn, nextbn, bscale;
        int bsize;
        struct partinfo dpart;
-       int n, on, majordev;
+       size_t n;
+       int on, majordev;
        int (*ioctl)(dev_t, u_long, caddr_t, int, struct proc *);
        int error = 0;
 
@@ -243,7 +244,7 @@ spec_read(void *v)
                do {
                        bn = btodb(uio->uio_offset) & ~(bscale - 1);
                        on = uio->uio_offset % bsize;
-                       n = min((bsize - on), uio->uio_resid);
+                       n = ulmin((bsize - on), uio->uio_resid);
                        if (vp->v_lastr + bscale == bn) {
                                nextbn = bn + bscale;
                                error = breadn(vp, bn, bsize, &nextbn, &bsize,
@@ -251,12 +252,12 @@ spec_read(void *v)
                        } else
                                error = bread(vp, bn, bsize, &bp);
                        vp->v_lastr = bn;
-                       n = min(n, bsize - bp->b_resid);
+                       n = ulmin(n, bsize - bp->b_resid);
                        if (error) {
                                brelse(bp);
                                return (error);
                        }
-                       error = uiomovei((char *)bp->b_data + on, n, uio);
+                       error = uiomove((char *)bp->b_data + on, n, uio);
                        brelse(bp);
                } while (error == 0 && uio->uio_resid > 0 && n != 0);
                return (error);
@@ -290,7 +291,8 @@ spec_write(void *v)
        daddr_t bn, bscale;
        int bsize;
        struct partinfo dpart;
-       int n, on, majordev;
+       size_t n;
+       int on, majordev;
        int (*ioctl)(dev_t, u_long, caddr_t, int, struct proc *);
        int error = 0;
 
@@ -331,14 +333,14 @@ spec_write(void *v)
                do {
                        bn = btodb(uio->uio_offset) & ~(bscale - 1);
                        on = uio->uio_offset % bsize;
-                       n = min((bsize - on), uio->uio_resid);
+                       n = ulmin((bsize - on), uio->uio_resid);
                        error = bread(vp, bn, bsize, &bp);
-                       n = min(n, bsize - bp->b_resid);
+                       n = ulmin(n, bsize - bp->b_resid);
                        if (error) {
                                brelse(bp);
                                return (error);
                        }
-                       error = uiomovei((char *)bp->b_data + on, n, uio);
+                       error = uiomove((char *)bp->b_data + on, n, uio);
                        if (n + on == bsize)
                                bawrite(bp);
                        else

cheers,
natano

Reply via email to