From b72b34e5269fd08bea83bb8ca189807ec1b0c9c9 Mon Sep 17 00:00:00 2001 From: Yehuda Sadeh Date: Tue, 28 Apr 2009 16:45:10 -0700 Subject: [PATCH] kclient: don't allow to pass max file size --- src/kernel/addr.c | 7 +++++++ src/kernel/inode.c | 8 ++++++++ 2 files changed, 15 insertions(+) diff --git a/src/kernel/addr.c b/src/kernel/addr.c index c32f14aff1d69..3f6358e4866d6 100644 --- a/src/kernel/addr.c +++ b/src/kernel/addr.c @@ -948,6 +948,13 @@ retry_locked: /* past end of file? */ i_size = inode->i_size; /* caller holds i_mutex */ + + if (i_size + len > CEPH_FILE_MAX_SIZE) { + /* file is too big */ + r = -EINVAL; + goto fail; + } + if (page_off >= i_size || (pos_in_page == 0 && (pos+len) >= i_size && end_in_page - pos_in_page != PAGE_CACHE_SIZE)) { diff --git a/src/kernel/inode.c b/src/kernel/inode.c index 73608bae4bfe2..69d20acced7b9 100644 --- a/src/kernel/inode.c +++ b/src/kernel/inode.c @@ -1425,6 +1425,10 @@ int ceph_setattr(struct dentry *dentry, struct iattr *attr) if (ia_valid & ATTR_SIZE) { dout(10, "setattr %p size %lld -> %lld\n", inode, inode->i_size, attr->ia_size); + if (attr->ia_size > CEPH_FILE_MAX_SIZE) { + err = -EINVAL; + goto out; + } if ((issued & CEPH_CAP_FILE_EXCL) && attr->ia_size > inode->i_size) { vmtruncate(inode, attr->ia_size); @@ -1474,6 +1478,10 @@ int ceph_setattr(struct dentry *dentry, struct iattr *attr) ceph_mdsc_put_request(req); __ceph_do_pending_vmtruncate(inode); return err; +out: + spin_unlock(&inode->i_lock); + ceph_mdsc_put_request(req); + return err; } /* -- 2.39.5