in cifssmb.c add copy_from_user return value check and do minor
formatting/whitespace cleanups.
Jesper Juhl
juhl-lkml at dif.dk
Wed Dec 22 00:27:53 GMT 2004
On Wed, 22 Dec 2004, Domen Puncer wrote:
> On 22/12/04 00:33 +0100, Jesper Juhl wrote:
> >
[...]
> > + if (buf) {
> > + memcpy(pSMB->Data,buf,bytes_sent);
> > + } else if (ubuf) {
> > + if (copy_from_user(pSMB->Data,ubuf,bytes_sent)) {
> > + if (pSMB)
>
> How can this be NULL, and code not Oopsing?
>
Right, it would have Oopsed in tons of places above if pSMB was NULL, so
there's no point in checking it at this stage. And if I'm reading
smb_init() correctly, then it will return an error if it can't give pSMB a
sane value, so we already bail out at the smb_init() call in that case.
How about this patch instead? (same as the previous one except it also
removes those aparently pointless checks of pSMB and changes a single
instance of a pointer being compared to 0 to instead compare against NULL
so sparse won't complain about that) :
Signed-off-by: Jesper Juhl <juhl-lkml at dif.dk>
diff -up linux-2.6.10-rc3-bk13-orig/fs/cifs/cifssmb.c linux-2.6.10-rc3-bk13/fs/cifs/cifssmb.c
--- linux-2.6.10-rc3-bk13-orig/fs/cifs/cifssmb.c 2004-12-20 22:19:42.000000000 +0100
+++ linux-2.6.10-rc3-bk13/fs/cifs/cifssmb.c 2004-12-22 01:20:21.000000000 +0100
@@ -246,7 +246,7 @@ smb_init(int smb_command, int wct, struc
return rc;
*request_buf = cifs_buf_get();
- if (*request_buf == 0) {
+ if (*request_buf == NULL) {
/* BB should we add a retry in here if not a writepage? */
return -ENOMEM;
}
@@ -895,15 +895,18 @@ CIFSSMBWrite(const int xid, struct cifsT
bytes_sent = count;
pSMB->DataLengthHigh = 0;
pSMB->DataOffset =
- cpu_to_le16(offsetof(struct smb_com_write_req,Data) - 4);
- if(buf)
- memcpy(pSMB->Data,buf,bytes_sent);
- else if(ubuf)
- copy_from_user(pSMB->Data,ubuf,bytes_sent);
- else {
- /* No buffer */
- if(pSMB)
+ cpu_to_le16(offsetof(struct smb_com_write_req,Data) - 4);
+
+ if (buf) {
+ memcpy(pSMB->Data,buf,bytes_sent);
+ } else if (ubuf) {
+ if (copy_from_user(pSMB->Data,ubuf,bytes_sent)) {
cifs_buf_release(pSMB);
+ return -EFAULT;
+ }
+ } else {
+ /* No buffer */
+ cifs_buf_release(pSMB);
return -EINVAL;
}
@@ -921,8 +924,7 @@ CIFSSMBWrite(const int xid, struct cifsT
} else
*nbytes = le16_to_cpu(pSMBr->Count);
- if (pSMB)
- cifs_buf_release(pSMB);
+ cifs_buf_release(pSMB);
/* Note: On -EAGAIN error only caller can retry on handle based calls
since file handle passed in no longer valid */
More information about the samba-technical
mailing list