aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorSteve French <sfrench@us.ibm.com>2005-10-12 18:32:05 -0400
committerSteve French <sfrench@us.ibm.com>2005-10-12 18:32:05 -0400
commit84d2f07e8e5e2424eec0f5acfef6792c924a0549 (patch)
treec996a1a89db7124d4e644c6abe5e8f0f9c6fdab3 /fs
parent47c786e79b46ef478a1123cb57c711ecb481cbfa (diff)
CIFS: cifs_writepages should not write beyond end of file
Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r--fs/cifs/file.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 585a62aebd59..23af20d5af7c 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -1011,6 +1011,7 @@ static int cifs_writepages(struct address_space *mapping,
1011 pgoff_t index; 1011 pgoff_t index;
1012 int is_range = 0; 1012 int is_range = 0;
1013 struct kvec iov[32]; 1013 struct kvec iov[32];
1014 int len;
1014 int n_iov = 0; 1015 int n_iov = 0;
1015 pgoff_t next; 1016 pgoff_t next;
1016 int nr_pages; 1017 int nr_pages;
@@ -1124,16 +1125,26 @@ retry:
1124 unlock_page(page); 1125 unlock_page(page);
1125 break; 1126 break;
1126 } 1127 }
1128
1129 if (page_offset(page) >= mapping->host->i_size) {
1130 done = 1;
1131 unlock_page(page);
1132 break;
1133 }
1134
1127 /* 1135 /*
1128 * BB can we get rid of this? pages are held by pvec 1136 * BB can we get rid of this? pages are held by pvec
1129 */ 1137 */
1130 page_cache_get(page); 1138 page_cache_get(page);
1131 1139
1140 len = min(mapping->host->i_size - page_offset(page),
1141 (loff_t)PAGE_CACHE_SIZE);
1142
1132 /* reserve iov[0] for the smb header */ 1143 /* reserve iov[0] for the smb header */
1133 n_iov++; 1144 n_iov++;
1134 iov[n_iov].iov_base = kmap(page); 1145 iov[n_iov].iov_base = kmap(page);
1135 iov[n_iov].iov_len = PAGE_CACHE_SIZE; 1146 iov[n_iov].iov_len = len;
1136 bytes_to_write += PAGE_CACHE_SIZE; 1147 bytes_to_write += len;
1137 1148
1138 if (first < 0) { 1149 if (first < 0) {
1139 first = i; 1150 first = i;