On Sun, Mar 10, 2024 at 07:35:09PM +0100, Jan Engelhardt wrote: > >The kernel detects that offset+count would overflow, and aborts early. > >That's actually a good thing. Otherwise, we wouldn't have noticed that > >the program is missing an lseek(2) call until much later. > >addition of count+offset would cause overflow, that is, undefined > >behavior, it's better to not even start. Otherwise, it gets tricky to > >write code that doesn't invoke UB. > > While offset+count would overflow arithmetically, if the file is not larger > than SSIZE_MAX, that should be just fine, because sendfile() stops at EOF > like read() and does not read beyond EOF or produce extraneous NULs > to the point that a huge file position would come about. But you need a loop limit somewhere, as in for (i = 0; i < offset+count && i < actual_size; i++) And that could be problematic in some cases. It can make sense to be paranoic and abort early. And it's easy to fix at call site, just by subtracting offset to SSIZE_MAX. Cheers, Alex -- <https://www.alejandro-colomar.es/>
Attachment:
signature.asc
Description: PGP signature
