On Fri, Dec 08, 2017 at 12:03:07AM +0100, Vasyl Gomonovych wrote:
> p could be NULL and passing into PTR_ERR
What makes you think this is correct?
To quote the documentation:
The next function to implement is called, amazingly, next(); its job is to
move the iterator forward to the next position in the sequence. The
example module can simply increment the position by one; more useful
modules will do what is needed to step through some data structure. The
next() function returns a new iterator, or NULL if the sequence is
complete. Here's the example version:
So if it returns NULL, we want to set err to 0 and break. Which is, um,
exactly what the code does.
Did you test this at all?
> Signed-off-by: Vasyl Gomonovych <gomonovych@xxxxxxxxx>
> ---
> fs/seq_file.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/seq_file.c b/fs/seq_file.c
> index 4be761c..8b700b9 100644
> --- a/fs/seq_file.c
> +++ b/fs/seq_file.c
> @@ -262,8 +262,8 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos)
> size_t offs = m->count;
> loff_t next = pos;
> p = m->op->next(m, p, &next);
> - if (!p || IS_ERR(p)) {
> - err = PTR_ERR(p);
> + if (IS_ERR(p)) {
> + err = (!p ? -EFAULT : PTR_ERR(p));
> break;
> }
> err = m->op->show(m, p);
> --
> 1.9.1
>
