summaryrefslogtreecommitdiff
path: root/scripts/package/gen-diff-patch
diff options
context:
space:
mode:
authorHuiwen He <hehuiwen@kylinos.cn>2026-07-03 13:32:56 +0800
committerSteve French <stfrench@microsoft.com>2026-07-13 10:37:54 -0500
commitb09ae45d85dc816987a71db9eebc54b0ae288e94 (patch)
tree14451ff928f9b56f83222fe8659adedac3186199 /scripts/package/gen-diff-patch
parent5906d0e82e8e07d756f3ed1abfac8f8cea2c20dc (diff)
smb/client: handle overlapping allocated ranges in fallocate
smb3_simple_fallocate_range() can skip holes when an allocated range returned by the server starts before the current fallocate offset. The skipped hole is not zero-filled, but fallocate still returns success. A later write to that hole may therefore fail with ENOSPC. The function queries allocated ranges so that it can preserve existing contents and write zeroes only into holes. However, the server may return a range that starts before the current fallocate offset. For example, assume the fallocate request is [100, 400) and the only allocated range returned by the server is [0, 200): Request: [100, 400) Server range: [ 0, 200) allocated Correct: [100, 200) allocated data, skip [200, 400) hole, zero-fill Current: [100, 300) skipped [300, 400) zero-filled afterwards The current code adds the full server range length, 200, to the current offset 100 and moves to 300. As a result, the hole in [200, 300) is skipped without being zero-filled. Fix this by advancing only over the part of the allocated range that overlaps the current fallocate offset. Ignore ranges that end before the current offset and reject ranges whose end offset overflows. This also prevents a malformed range length from causing an out-of-bounds zero-buffer read. Fixes: 966a3cb7c7db ("cifs: improve fallocate emulation") Signed-off-by: Huiwen He <hehuiwen@kylinos.cn> Reviewed-by: ChenXiaoSong <chenxiaosong@kylinos.cn> Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to 'scripts/package/gen-diff-patch')
0 files changed, 0 insertions, 0 deletions