Make filemap_splice_read() check s_maxbytes analogously to filemap_read().
Signed-off-by: David Howells <[email protected]>
cc: Christoph Hellwig <[email protected]>
cc: Steve French <[email protected]>
cc: Jens Axboe <[email protected]>
cc: Al Viro <[email protected]>
cc: David Hildenbrand <[email protected]>
cc: John Hubbard <[email protected]>
cc: [email protected]
cc: [email protected]
cc: [email protected]
---
mm/filemap.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/mm/filemap.c b/mm/filemap.c
index a2006936a6ae..0fcb0b80c2e2 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -2887,6 +2887,9 @@ ssize_t filemap_splice_read(struct file *in, loff_t *ppos,
bool writably_mapped;
int i, error = 0;
+ if (unlikely(*ppos >= in->f_mapping->host->i_sb->s_maxbytes))
+ return 0;
+
init_sync_kiocb(&iocb, in);
iocb.ki_pos = *ppos;
Looks good:
Reviewed-by: Christoph Hellwig <[email protected]>
On Sat, May 20, 2023 at 01:00:21AM +0100, David Howells wrote:
> Make filemap_splice_read() check s_maxbytes analogously to filemap_read().
>
> Signed-off-by: David Howells <[email protected]>
> cc: Christoph Hellwig <[email protected]>
> cc: Steve French <[email protected]>
> cc: Jens Axboe <[email protected]>
> cc: Al Viro <[email protected]>
> cc: David Hildenbrand <[email protected]>
> cc: John Hubbard <[email protected]>
> cc: [email protected]
> cc: [email protected]
> cc: [email protected]
> ---
> mm/filemap.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/mm/filemap.c b/mm/filemap.c
> index a2006936a6ae..0fcb0b80c2e2 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -2887,6 +2887,9 @@ ssize_t filemap_splice_read(struct file *in, loff_t *ppos,
> bool writably_mapped;
> int i, error = 0;
>
> + if (unlikely(*ppos >= in->f_mapping->host->i_sb->s_maxbytes))
Pointer deref galore
Reviewed-by: Christian Brauner <[email protected]>