diff options
author | Peter Hurley <peter@hurleysoftware.com> | 2013-11-22 13:16:25 +0100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-11-25 17:36:56 +0100 |
commit | c77569d2f3ef7844ee4ac7005a57da6898b302a8 (patch) | |
tree | 9c7b1fffb698f410a86463fcc700bec3fca8f6fc /drivers/tty | |
parent | n_tty: Fix echo overrun tail computation (diff) | |
download | linux-c77569d2f3ef7844ee4ac7005a57da6898b302a8.tar.xz linux-c77569d2f3ef7844ee4ac7005a57da6898b302a8.zip |
n_tty: Fix 4096-byte canonical reads
Although the maximum allowable canonical line is specified to
be 255 bytes (MAX_CANON), the practical limit has actually been
the size of the line discipline read buffer (N_TTY_BUF_SIZE == 4096).
Commit 32f13521ca68bc624ff6effc77f308a52b038bf0,
n_tty: Line copy to user buffer in canonical mode, limited the
line copy to 4095 bytes. With a completely full line discipline
read buffer and a userspace buffer > 4095, _no_ data was copied,
and the read() syscall returned 0, indicating EOF.
Fix the interval arithmetic to compute the correct number of bytes
to copy to userspace in the range [1..4096].
Cc: <stable@vger.kernel.org> # 3.12.x
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/tty')
-rw-r--r-- | drivers/tty/n_tty.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c index d8a779d3a611..c222a561c5ac 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -1998,7 +1998,10 @@ static int canon_copy_from_read_buf(struct tty_struct *tty, found = 1; size = N_TTY_BUF_SIZE - tail; - n = (found + eol + size) & (N_TTY_BUF_SIZE - 1); + n = eol - tail; + if (n > 4096) + n += 4096; + n += found; c = n; if (found && read_buf(ldata, eol) == __DISABLED_CHAR) { |