diff options
| author | Peter Hurley <peter@hurleysoftware.com> | 2013-11-22 07:16:25 -0500 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-11-25 08:36:56 -0800 |
| commit | c77569d2f3ef7844ee4ac7005a57da6898b302a8 (patch) | |
| tree | 9c7b1fffb698f410a86463fcc700bec3fca8f6fc /drivers/tty/n_tty.c | |
| parent | 6f2225363c205e186c1465c2c7c84f17c1635504 (diff) | |
| download | op-kernel-dev-c77569d2f3ef7844ee4ac7005a57da6898b302a8.zip op-kernel-dev-c77569d2f3ef7844ee4ac7005a57da6898b302a8.tar.gz | |
n_tty: Fix 4096-byte canonical reads
Although the maximum allowable canonical line is specified to
be 255 bytes (MAX_CANON), the practical limit has actually been
the size of the line discipline read buffer (N_TTY_BUF_SIZE == 4096).
Commit 32f13521ca68bc624ff6effc77f308a52b038bf0,
n_tty: Line copy to user buffer in canonical mode, limited the
line copy to 4095 bytes. With a completely full line discipline
read buffer and a userspace buffer > 4095, _no_ data was copied,
and the read() syscall returned 0, indicating EOF.
Fix the interval arithmetic to compute the correct number of bytes
to copy to userspace in the range [1..4096].
Cc: <stable@vger.kernel.org> # 3.12.x
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/tty/n_tty.c')
| -rw-r--r-- | drivers/tty/n_tty.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c index d8a779d..c222a56 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -1998,7 +1998,10 @@ static int canon_copy_from_read_buf(struct tty_struct *tty, found = 1; size = N_TTY_BUF_SIZE - tail; - n = (found + eol + size) & (N_TTY_BUF_SIZE - 1); + n = eol - tail; + if (n > 4096) + n += 4096; + n += found; c = n; if (found && read_buf(ldata, eol) == __DISABLED_CHAR) { |
