From: Csaba Henk Date: Mon, 29 Jun 2009 01:26:53 +0000 (+0200) Subject: fuse: fix return value of fuse_dev_write() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=b4c458b3a23d76936e76678f2074b1528f129f7a;p=GitHub%2Fmt8127%2Fandroid_kernel_alcatel_ttab.git fuse: fix return value of fuse_dev_write() On 64 bit systems -- where sizeof(ssize_t) > sizeof(int) -- the following test exposes a bug due to a non-careful return of an int or unsigned value: implement a FUSE filesystem which sends an unsolicited notification to the kernel with invalid opcode. The respective write to /dev/fuse will return (1 << 32) - EINVAL with errno == 0 instead of -1 with errno == EINVAL. Signed-off-by: Miklos Szeredi CC: stable@kernel.org --- diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index 8fed2ed12f38..8a11a8c67c42 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -910,7 +910,7 @@ static ssize_t fuse_dev_write(struct kiocb *iocb, const struct iovec *iov, unsigned long nr_segs, loff_t pos) { int err; - unsigned nbytes = iov_length(iov, nr_segs); + size_t nbytes = iov_length(iov, nr_segs); struct fuse_req *req; struct fuse_out_header oh; struct fuse_copy_state cs;