Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S937421AbdCJNjJ (ORCPT ); Fri, 10 Mar 2017 08:39:09 -0500 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:43626 "EHLO shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934333AbdCJLw1 (ORCPT ); Fri, 10 Mar 2017 06:52:27 -0500 Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit MIME-Version: 1.0 From: Ben Hutchings To: linux-kernel@vger.kernel.org, stable@vger.kernel.org CC: akpm@linux-foundation.org, "Linus Torvalds" , "Miklos Szeredi" Date: Fri, 10 Mar 2017 11:46:23 +0000 Message-ID: X-Mailer: LinuxStableQueue (scripts by bwh) Subject: [PATCH 3.16 303/370] vfs: fix uninitialized flags in splice_to_pipe() In-Reply-To: X-SA-Exim-Connect-IP: 82.70.136.246 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1087 Lines: 33 3.16.42-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Miklos Szeredi commit 5a81e6a171cdbd1fa8bc1fdd80c23d3d71816fac upstream. Flags (PIPE_BUF_FLAG_PACKET, PIPE_BUF_FLAG_GIFT) could remain on the unused part of the pipe ring buffer. Previously splice_to_pipe() left the flags value alone, which could result in incorrect behavior. Uninitialized flags appears to have been there from the introduction of the splice syscall. Signed-off-by: Miklos Szeredi Signed-off-by: Linus Torvalds [bwh: Backported to 3.16: adjust context, indentation] Signed-off-by: Ben Hutchings --- fs/splice.c | 1 + 1 file changed, 1 insertion(+) --- a/fs/splice.c +++ b/fs/splice.c @@ -212,6 +212,7 @@ ssize_t splice_to_pipe(struct pipe_inode buf->len = spd->partial[page_nr].len; buf->private = spd->partial[page_nr].private; buf->ops = spd->ops; + buf->flags = 0; if (spd->flags & SPLICE_F_GIFT) buf->flags |= PIPE_BUF_FLAG_GIFT;