summaryrefslogtreecommitdiff
path: root/TODO
diff options
context:
space:
mode:
authorAndrew Church <gentoo4@achurch.org>2009-09-24 10:51:12 -0700
committerKay Sievers <kay.sievers@vrfy.org>2009-09-24 10:53:10 -0700
commit4daa146bf71cea174271371a0eb3cf22719a550b (patch)
treecbc5cce64745d6eaaeca4d78c82257bb7275a366 /TODO
parent49c3a01d444052169363030dfd996fc7fd6a4fad (diff)
fix wrong parameter size on ioctl FIONREAD
On Wed, Sep 23, 2009 at 23:11, Matthias Schwarzott <zzam@gentoo.org> wrote: > It is about ioctl failures on amd64: > http://bugs.gentoo.org/show_bug.cgi?id=286041 > > A bad parameter type to an ioctl() call causes udev-146 to generate "error > getting buffer for inotify" messages in syslog. The offending code is > roughly: > > ssize_t nbytes, pos; > // ... > ioctl(fd, FIONREAD, &nbytes); > > where ssize_t is 64 bits on amd64, but the kernel code for FIONREAD (at least > through gentoo-sources-2.6.31) uses type int: > > p = (void __user *) arg; > switch (cmd) { > case FIONREAD: > // ... > ret = put_user(send_len, (int __user *) p); > > so the upper 32 bits of "nbytes" are left uninitialized, and the subsequent > malloc(nbytes) fails unless those 32 bits happen to be zero (or the system has > a LOT of memory).
Diffstat (limited to 'TODO')
0 files changed, 0 insertions, 0 deletions