• Eric Biggers's avatar
    fs/pipe.c: return error code rather than 0 in pipe_write() · 6ae08069
    Eric Biggers authored
    pipe_write() would return 0 if it failed to merge the beginning of the
    data to write with the last, partially filled pipe buffer.  It should
    return an error code instead.  Userspace programs could be confused by
    write() returning 0 when called with a nonzero 'count'.
    
    The EFAULT error case was a regression from f0d1bec9 ("new helper:
    copy_page_from_iter()"), while the ops->confirm() error case was a much
    older bug.
    
    Test program:
    
    	#include <assert.h>
    	#include <errno.h>
    	#include <unistd.h>
    
    	int main(void)
    	{
    		int fd[2];
    		char data[1] = {0};
    
    		assert(0 == pipe(fd));
    		assert(1 == write(fd[1], data, 1));
    
    		/* prior to this patch, write() returned 0 here  */
    		assert(-1 == write(fd[1], NULL, 1));
    		assert(errno == EFAULT);
    	}
    
    Cc: stable@vger.kernel.org # at least v3.15+
    Signed-off-by: default avatarEric Biggers <ebiggers3@gmail.com>
    Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
    6ae08069
pipe.c 25 KB