From a10389e783aab5f530641394ef44c8a1dede9372 Mon Sep 17 00:00:00 2001 From: Andrei Vagin Date: Wed, 8 Apr 2020 23:02:09 -0700 Subject: splice: cap splice calls to MAX_RW_COUNT The Linux does the same. Reported-by: syzbot+e81716e8956e92e9d56b@syzkaller.appspotmail.com PiperOrigin-RevId: 305625439 --- pkg/sentry/syscalls/linux/sys_splice.go | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'pkg/sentry/syscalls') diff --git a/pkg/sentry/syscalls/linux/sys_splice.go b/pkg/sentry/syscalls/linux/sys_splice.go index fd642834b..fbc6cf15f 100644 --- a/pkg/sentry/syscalls/linux/sys_splice.go +++ b/pkg/sentry/syscalls/linux/sys_splice.go @@ -29,6 +29,10 @@ func doSplice(t *kernel.Task, outFile, inFile *fs.File, opts fs.SpliceOpts, nonB return 0, syserror.EINVAL } + if opts.Length > int64(kernel.MAX_RW_COUNT) { + opts.Length = int64(kernel.MAX_RW_COUNT) + } + var ( total int64 n int64 -- cgit v1.2.3