diff options
author | Al Viro <viro@ZenIV.linux.org.uk> | 2012-10-31 03:37:48 +0000 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-30 21:27:28 -0700 |
commit | 08f05c49749ee655bef921d12160960a273aad47 (patch) | |
tree | 84d95521c8e298b0595be4f66ab5540154d6217b | |
parent | 2df4f26167ab6adc7d2648f57f433ff461965fc8 (diff) | |
download | linux-exynos-08f05c49749ee655bef921d12160960a273aad47.tar.gz linux-exynos-08f05c49749ee655bef921d12160960a273aad47.tar.bz2 linux-exynos-08f05c49749ee655bef921d12160960a273aad47.zip |
Return the right error value when dup[23]() newfd argument is too large
Jack Lin reports that the error return from dup3() for the RLIMIT_NOFILE
case changed incorrectly after 3.6.
The culprit is commit f33ff9927f42 ("take rlimit check to callers of
expand_files()") which when it moved the "return -EMFILE" out to the
caller, didn't notice that the dup3() had special code to turn the
EMFILE return into EBADF.
The replace_fd() helper that got added later then inherited the bug too.
Reported-by: Jack Lin <linliangjie@huawei.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
[ Noted more bugs, wrote proper changelog, fixed up typos - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | fs/file.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/file.c b/fs/file.c index d3b5fa80b71b..708d997a7748 100644 --- a/fs/file.c +++ b/fs/file.c @@ -900,7 +900,7 @@ int replace_fd(unsigned fd, struct file *file, unsigned flags) return __close_fd(files, fd); if (fd >= rlimit(RLIMIT_NOFILE)) - return -EMFILE; + return -EBADF; spin_lock(&files->file_lock); err = expand_files(files, fd); @@ -926,7 +926,7 @@ SYSCALL_DEFINE3(dup3, unsigned int, oldfd, unsigned int, newfd, int, flags) return -EINVAL; if (newfd >= rlimit(RLIMIT_NOFILE)) - return -EMFILE; + return -EBADF; spin_lock(&files->file_lock); err = expand_files(files, newfd); |