On 5 February 2015 at 11:31, Andreas Schwab <sch...@suse.de> wrote:
> The second and fourth argument are in/out parameters, store them back
> after the syscall. Also, the fourth argument was mishandled, and EFAULT
> handling was missing.
>
> Signed-off-by: Andreas Schwab <sch...@suse.de>
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
and cc'ing Riku as linux-user maintainer.
-- PMM
> ---
> linux-user/syscall.c | 22 ++++++++++++++++++----
> 1 file changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index d4398b9..550aafe 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -9344,15 +9344,29 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
> arg1,
> {
> loff_t loff_in, loff_out;
> loff_t *ploff_in = NULL, *ploff_out = NULL;
> - if(arg2) {
> - get_user_u64(loff_in, arg2);
> + if (arg2) {
> + if (get_user_u64(loff_in, arg2)) {
> + goto efault;
> + }
> ploff_in = &loff_in;
> }
> - if(arg4) {
> - get_user_u64(loff_out, arg2);
> + if (arg4) {
> + if (get_user_u64(loff_out, arg4)) {
> + goto efault;
> + }
> ploff_out = &loff_out;
> }
> ret = get_errno(splice(arg1, ploff_in, arg3, ploff_out, arg5,
> arg6));
> + if (arg2) {
> + if (put_user_u64(loff_in, arg2)) {
> + goto efault;
> + }
> + }
> + if (arg4) {
> + if (put_user_u64(loff_out, arg4)) {
> + goto efault;
> + }
> + }
> }
> break;
> #endif
> --
> 2.2.2
>
