shithub: riscv

Download patch

ref: aa3eb3b64d61da83932cbb5ad8553404b9397580
parent: e44ea2b103b1d7964a4ad345e7ce6bd24615ebf0
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Fri Aug 25 14:07:38 EDT 2023 

lib9p: return effective iounit in Ropen response

Do not return a iounit in Ropen/Rcreate response
that exceeds the negotiated message size.

This check is also done in devmnt, but doing it
also in the file-server makes the meaning of that
field less ambiguous.


--- a/sys/src/lib9p/srv.c
+++ b/sys/src/lib9p/srv.c
@@ -468,10 +468,15 @@
 static void
 ropen(Req *r, char *error)
 {
+	uint iounit;
+
 	if(error)
 		return;
 	if(chatty9p)
 		fprint(2, "fid mode is %x\n", (int)r->ifcall.mode);
+	iounit = r->srv->msize - IOHDRSZ;
+	if(r->ofcall.iounit > iounit)
+		r->ofcall.iounit = iounit;
 	if(r->ofcall.qid.type&QTDIR)
 		r->fid->diroffset = 0;
 	r->fid->qid = r->ofcall.qid;
@@ -481,6 +486,7 @@
 static void
 sread(Srv *srv, Req *r)
 {
+	uint iounit;
 	int o;
 
 	if((r->fid = lookupfid(srv->fpool, r->ifcall.fid)) == nil){
@@ -501,17 +507,18 @@
 	case OEXEC:
 		break;
 	}
-	if((int)r->ifcall.count < 0){
-		respond(r, Ebotch);
-		return;
-	}
 	if(r->ifcall.offset < 0
 	|| ((r->fid->qid.type&QTDIR) && r->ifcall.offset != 0 && r->ifcall.offset != r->fid->diroffset)){
 		respond(r, Ebadoffset);
 		return;
 	}
-	if(r->ifcall.count > srv->msize - IOHDRSZ)
-		r->ifcall.count = srv->msize - IOHDRSZ;
+	if((int)r->ifcall.count < 0){
+		respond(r, Ebotch);
+		return;
+	}
+	iounit = srv->msize - IOHDRSZ;
+	if(r->ifcall.count > iounit)
+		r->ifcall.count = iounit;
 	r->rbuf = emalloc9p(r->ifcall.count);
 	r->ofcall.data = r->rbuf;
 	if((r->fid->qid.type&QTDIR) && r->fid->file){
@@ -534,6 +541,7 @@
 static void
 swrite(Srv *srv, Req *r)
 {
+	uint iounit;
 	int o;
 
 	if((r->fid = lookupfid(srv->fpool, r->ifcall.fid)) == nil){
@@ -557,16 +565,17 @@
 		respond(r, Ebotch);
 		return;
 	}
-	if((int)r->ifcall.count < 0){
+	if(r->ifcall.offset < 0){
 		respond(r, Ebotch);
 		return;
 	}
-	if(r->ifcall.offset < 0){
+	if((int)r->ifcall.count < 0){
 		respond(r, Ebotch);
 		return;
 	}
-	if(r->ifcall.count > srv->msize - IOHDRSZ)
-		r->ifcall.count = srv->msize - IOHDRSZ;
+	iounit = srv->msize - IOHDRSZ;
+	if(r->ifcall.count > iounit)
+		r->ifcall.count = iounit;
 	if(srv->write)
 		srv->write(r);
 	else