From: Tom Zanussi This patch fails writes larger than the sub-buffer size and prints a warning and stack trace when it happens. I chose this over BUG_ON() or silently failing since while it could probably be considered a bug for an application to let this happen, it's not fatal and the user would probably want to know (and change buffer sizes). Signed-off-by: Tom Zanussi Signed-off-by: Andrew Morton --- 25-akpm/fs/relayfs/relay.c | 13 ++++++++++++- 1 files changed, 12 insertions(+), 1 deletion(-) diff -puN fs/relayfs/relay.c~relayfs-properly-handle-oversized-events fs/relayfs/relay.c --- 25/fs/relayfs/relay.c~relayfs-properly-handle-oversized-events Thu Mar 24 16:15:40 2005 +++ 25-akpm/fs/relayfs/relay.c Thu Mar 24 16:15:40 2005 @@ -378,7 +378,10 @@ unsigned relay_switch_subbuf(struct rcha int new, old, produced = atomic_read(&buf->subbufs_produced); unsigned padding; - if (atomic_read(&buf->unfull)) { + if (unlikely(length > buf->chan->subbuf_size)) + goto toobig; + + if (unlikely(atomic_read(&buf->unfull))) { atomic_set(&buf->unfull, 0); new = produced % buf->chan->n_subbufs; old = (produced - 1) % buf->chan->n_subbufs; @@ -410,7 +413,15 @@ unsigned relay_switch_subbuf(struct rcha new = (produced + 1) % buf->chan->n_subbufs; do_switch(buf, new, old); + if (unlikely(length + buf->offset > buf->chan->subbuf_size)) + goto toobig; + return length; + +toobig: + printk(KERN_WARNING "relayfs: event too large (%u)\n", length); + WARN_ON(1); + return 0; } /** _