On Fri, 26 Aug 2011 19:57:40 +0300, Dan Carpenter <error27@xxxxxxxxx> wrote:
> The size of things should be unsigned because negative sizes are
> silly. My concern is that the limit checks don't take negative values
> into consideration in p9_client_create()
>     if (clnt->msize > clnt->trans_mod->maxsize)
>         clnt->msize = clnt->trans_mod->maxsize;
> and in p9_tag_alloc()
>     int alloc_msize = min(c->msize, max_size);
>
> I don't know if this is exported to user space? Hopefully it's not
> too late to change this.

The change is also needed to make sure a large msize value (429496729) works.
Without the change it causes a server crash with the Qemu 9p server.

>
> Signed-off-by: Dan Carpenter <error27@xxxxxxxxx>
>
> diff --git a/include/net/9p/client.h b/include/net/9p/client.h
> index 55ce72c..d479d7d 100644
> --- a/include/net/9p/client.h
> +++ b/include/net/9p/client.h
> @@ -151,7 +151,7 @@ struct p9_req_t {
>
> struct p9_client {
> spinlock_t lock; /* protect client structure */
> - int msize;
> + unsigned int msize;
> unsigned char proto_version;
> struct p9_trans_module *trans_mod;
> enum p9_trans_status status;

I applied this with a comment update to

git://git.kernel.org/pub/scm/linux/kernel/git/kvaneesh/v9fs.git for-upstream-next-merge

-aneesh
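
Review bot: the other operands of the two limit checks quoted in the commit message need the same signedness as `msize` in struct p9_client, and none of them appears in this diff. The quoted `int alloc_msize = min(c->msize, max_size);` still stores the result in a signed `int`, and the types of `max_size` and `clnt->trans_mod->maxsize` are not visible here. Please confirm they are unsigned, or convert them in the same patch, so that both comparisons are made between operands of one signedness and the clamped value is not narrowed back into a signed variable.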
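
The limit-check concern raised in the commit message, as an added example that is not part of the original mail or of the kernel source: a userspace C model of the two quoted checks with a signed and an unsigned msize. The function names, TRANS_MAXSIZE and the sample values are assumptions made for the demo.

```c
#include <stddef.h>
#include <stdio.h>

#define TRANS_MAXSIZE 8192 /* assumed transport limit, constructed for the demo */

/* Shape of the p9_client_create() check with the old signed field. */
static int clamp_signed(int msize, int maxsize)
{
    if (msize > maxsize)
        msize = maxsize;
    return msize; /* a negative msize is never above the limit, so it survives */
}

/* The same check once msize is unsigned: a former negative is now a huge value. */
static unsigned int clamp_unsigned(unsigned int msize, unsigned int maxsize)
{
    if (msize > maxsize)
        msize = maxsize;
    return msize;
}

/* Shape of "int alloc_msize = min(c->msize, max_size)" with signed operands. */
static int alloc_msize_signed(int msize, int max_size)
{
    return msize < max_size ? msize : max_size;
}

/* Length an allocator would see after the signed or the unsigned clamp. */
static size_t alloc_len_signed(int requested)
{
    return (size_t)clamp_signed(requested, TRANS_MAXSIZE);
}

static size_t alloc_len_unsigned(int requested)
{
    return (size_t)clamp_unsigned((unsigned int)requested, TRANS_MAXSIZE);
}

int main(void)
{
    const int samples[] = { 4096, 65536, -1 }; /* constructed msize values */

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("msize=%d signed=%zu unsigned=%zu min=%d\n", samples[i],
               alloc_len_signed(samples[i]), alloc_len_unsigned(samples[i]),
               alloc_msize_signed(samples[i], TRANS_MAXSIZE));
    return 0;
}
```

With the signed field a negative msize passes both checks untouched and becomes an enormous length when used as a size; with the unsigned field the same input is clamped to the transport limit.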