summaryrefslogtreecommitdiff
path: root/io_uring
diff options
context:
space:
mode:
authorJens Axboe <axboe@kernel.dk>2024-11-21 07:12:17 -0700
committerJens Axboe <axboe@kernel.dk>2024-11-21 07:15:30 -0700
commitee116574de8415b0673c466e6cd28ba5f70c41a2 (patch)
treeec30acea91f145e2eb9e5852a9b78117b1eccff2 /io_uring
parentf46b9cdb22f7a167c36b6bcddaef7e8aee2598fa (diff)
io_uring/nop: ensure nop->fd is always initialized
A previous commit added file support for nop, but it only initializes nop->fd if IORING_NOP_FIXED_FILE is set. That check should be IORING_NOP_FILE. Fix up the condition in nop preparation, and initialize it to a sane value even if we're not going to be directly using it. While in there, do the same thing for the nop->buffer field. Reported-by: syzbot+9a8500a45c2cabdf9577@syzkaller.appspotmail.com Fixes: a85f31052bce ("io_uring/nop: add support for testing registered files and buffers") Signed-off-by: Jens Axboe <axboe@kernel.dk>
Diffstat (limited to 'io_uring')
-rw-r--r--io_uring/nop.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/io_uring/nop.c b/io_uring/nop.c
index 6d470d4251ee..5e5196df650a 100644
--- a/io_uring/nop.c
+++ b/io_uring/nop.c
@@ -35,10 +35,14 @@ int io_nop_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe)
nop->result = READ_ONCE(sqe->len);
else
nop->result = 0;
- if (nop->flags & IORING_NOP_FIXED_FILE)
+ if (nop->flags & IORING_NOP_FILE)
nop->fd = READ_ONCE(sqe->fd);
+ else
+ nop->fd = -1;
if (nop->flags & IORING_NOP_FIXED_BUFFER)
nop->buffer = READ_ONCE(sqe->buf_index);
+ else
+ nop->buffer = -1;
return 0;
}