From: Richard Yao <richard.yao@clusterhq.com>
Date: Thu, 16 Apr 2015 14:29:41 +0000 (-0400)
Subject: vn_getf/vn_releasef should not accept negative file descriptors
X-Git-Tag: spl-0.6.5~26
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=313b1ea622275e24c3046c3b04a98a933b18f8de;p=spl

vn_getf/vn_releasef should not accept negative file descriptors

C type coercion rules require that negative numbers be converted into
positive numbers via wraparound such that a negative -1 becomes a
positive 1. This causes vn_getf to return a file handle when it should
return NULL whenever a positive file descriptor existed with the same
value. We should check for a negative file descriptor and return NULL
instead.

This was caught by ClusterHQ's unit testing.

Reference:
http://stackoverflow.com/questions/50605/signed-to-unsigned-conversion-in-c-is-it-always-safe

Signed-off-by: Richard Yao <ryao@gentoo.org>
Signed-off-by: Andriy Gapon <avg@FreeBSD.org>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #450
---

diff --git a/module/spl/spl-vnode.c b/module/spl/spl-vnode.c
index 1e26b8e..4c62097 100644
--- a/module/spl/spl-vnode.c
+++ b/module/spl/spl-vnode.c
@@ -648,6 +648,9 @@ vn_getf(int fd)
 	vnode_t *vp;
 	int rc = 0;
 
+	if (fd < 0)
+		return (NULL);
+
 	/* Already open just take an extra reference */
 	spin_lock(&vn_file_lock);
 
@@ -733,6 +736,9 @@ vn_releasef(int fd)
 {
 	file_t *fp;
 
+	if (fd < 0)
+		return;
+
 	spin_lock(&vn_file_lock);
 	fp = file_find(fd);
 	if (fp) {