Commit c59efa7e authored by Nikolay Borisov's avatar Nikolay Borisov Committed by David Sterba

btrfs: Fix -EOVERFLOW handling in btrfs_ioctl_tree_search_v2

The buffer passed to btrfs_ioctl_tree_search* functions have to be at least
sizeof(struct btrfs_ioctl_search_header). If this is not the case then the
ioctl should return -EOVERFLOW and set the uarg->buf_size to the minimum
required size. Currently btrfs_ioctl_tree_search_v2 would return an -EOVERFLOW
error with ->buf_size being set to the value passed by user space. Fix this by
removing the size check and relying on search_ioctl, which already includes it
and correctly sets buf_size.
Signed-off-by: default avatarNikolay Borisov <nborisov@suse.com>
Signed-off-by: default avatarChris Mason <clm@fb.com>
Reviewed-by: default avatarDavid Sterba <dsterba@suse.com>
Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
parent e6961cac
...@@ -2169,9 +2169,6 @@ static noinline int btrfs_ioctl_tree_search_v2(struct file *file, ...@@ -2169,9 +2169,6 @@ static noinline int btrfs_ioctl_tree_search_v2(struct file *file,
buf_size = args.buf_size; buf_size = args.buf_size;
if (buf_size < sizeof(struct btrfs_ioctl_search_header))
return -EOVERFLOW;
/* limit result size to 16MB */ /* limit result size to 16MB */
if (buf_size > buf_limit) if (buf_size > buf_limit)
buf_size = buf_limit; buf_size = buf_limit;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment