summaryrefslogtreecommitdiffhomepage
path: root/pkg
diff options
context:
space:
mode:
authorAndrei Vagin <avagin@google.com>2020-04-08 23:02:09 -0700
committergVisor bot <gvisor-bot@google.com>2020-04-08 23:03:12 -0700
commita10389e783aab5f530641394ef44c8a1dede9372 (patch)
tree6d3f73f65ed91f001e11a3d6f135943d4776498c /pkg
parent7297fd7238e17803e073fb5a5ef85edf992bdf6b (diff)
splice: cap splice calls to MAX_RW_COUNT
The Linux does the same. Reported-by: syzbot+e81716e8956e92e9d56b@syzkaller.appspotmail.com PiperOrigin-RevId: 305625439
Diffstat (limited to 'pkg')
-rw-r--r--pkg/sentry/syscalls/linux/sys_splice.go4
1 files changed, 4 insertions, 0 deletions
diff --git a/pkg/sentry/syscalls/linux/sys_splice.go b/pkg/sentry/syscalls/linux/sys_splice.go
index fd642834b..fbc6cf15f 100644
--- a/pkg/sentry/syscalls/linux/sys_splice.go
+++ b/pkg/sentry/syscalls/linux/sys_splice.go
@@ -29,6 +29,10 @@ func doSplice(t *kernel.Task, outFile, inFile *fs.File, opts fs.SpliceOpts, nonB
return 0, syserror.EINVAL
}
+ if opts.Length > int64(kernel.MAX_RW_COUNT) {
+ opts.Length = int64(kernel.MAX_RW_COUNT)
+ }
+
var (
total int64
n int64