From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2155) id A20CD3857BBC; Tue, 5 Dec 2023 21:21:31 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A20CD3857BBC DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1701811291; bh=2j4XSHHWgp0L/cHYX8dX2mzNsOenhyHOLo3lqUI10+k=; h=From:To:Subject:Date:From; b=lugQgilAJ9NFovlojDAk9JHkiTr8QvXyUZ8b6xjbMNqAh5H1O41knvjsZUuDFeuvy 98qkLp8I4y8Z3ceVTYYRX5q47xS+rPE8ZS2G3s0Yu2nZN6HARKKfUHXkj3Vkev7jG7 ihjbauzHNLONQMsNQfR5s6/SZOyOjPOHecq7EkGQ= Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Corinna Vinschen To: cygwin-cvs@sourceware.org Subject: [newlib-cygwin/main] Cygwin: fallocate(2): fix offset and length sanity check X-Act-Checkin: newlib-cygwin X-Git-Author: Corinna Vinschen X-Git-Refname: refs/heads/main X-Git-Oldrev: 295bef07d6bd18cd58746e46b400faadfb54b712 X-Git-Newrev: 7f88c8e0b316e7832e58ff878cffb62460b2902f Message-Id: <20231205212131.A20CD3857BBC@sourceware.org> Date: Tue, 5 Dec 2023 21:21:31 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=3Dnewlib-cygwin.git;h=3D7f88c8e0b31= 6e7832e58ff878cffb62460b2902f commit 7f88c8e0b316e7832e58ff878cffb62460b2902f Author: Corinna Vinschen AuthorDate: Tue Dec 5 22:08:42 2023 +0100 Commit: Corinna Vinschen CommitDate: Tue Dec 5 22:20:42 2023 +0100 Cygwin: fallocate(2): fix offset and length sanity check =20 - len must not be <=3D 0 - offset + len must not exceed off_t (max. file size) =20 Fixes: e01c50c7b0a6 ("Cygwin: introduce fallocate(2)") Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/syscalls.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index 3edb55bc608f..b6aeb47c86a4 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -3005,8 +3005,10 @@ fallocate (int fd, int mode, off_t offset, off_t len) else if ((mode & (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE)) =3D=3D FALLOC_FL_PUNCH_HOLE) res =3D EOPNOTSUPP; - else if (offset < 0 || len =3D=3D 0) + else if (offset < 0 || len <=3D 0) res =3D EINVAL; + else if (INT64_MAX - len < offset) + res =3D EFBIG; else { cygheap_fdget cfd (fd);