From: Al Viro <viro@zeniv.linux.org.uk>
Date: Tue, 18 May 2021 01:56:38 +0000 (-0400)
Subject: getcwd(2): saner logics around prepend_path() call
X-Git-Tag: v5.14-rc1~91^2~9
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a0378fb9b33308fb4547f098c6281af8ab4b5fb5;p=thirdparty%2Fkernel%2Flinux.git

getcwd(2): saner logics around prepend_path() call

The only negative value that might get returned by prepend_path() is
-ENAMETOOLONG, and that happens only on overflow.  The same goes for
prepend_unreachable().  Overflow is detectable by observing negative
buflen, so we can simplify the control flow around the prepend_path()
call.  Expand prepend_unreachable(), while we are at it - that's the
only caller.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---

diff --git a/fs/d_path.c b/fs/d_path.c
index 7f3fac544bbbf..311d432875727 100644
--- a/fs/d_path.c
+++ b/fs/d_path.c
@@ -211,11 +211,6 @@ char *d_absolute_path(const struct path *path,
 	return res;
 }
 
-static int prepend_unreachable(char **buffer, int *buflen)
-{
-	return prepend(buffer, buflen, "(unreachable)", 13);
-}
-
 static void get_fs_root_rcu(struct fs_struct *fs, struct path *root)
 {
 	unsigned seq;
@@ -414,17 +409,13 @@ SYSCALL_DEFINE2(getcwd, char __user *, buf, unsigned long, size)
 		int buflen = PATH_MAX;
 
 		prepend(&cwd, &buflen, "", 1);
-		error = prepend_path(&pwd, &root, &cwd, &buflen);
+		if (prepend_path(&pwd, &root, &cwd, &buflen) > 0)
+			prepend(&cwd, &buflen, "(unreachable)", 13);
 		rcu_read_unlock();
 
-		if (error < 0)
+		if (buflen < 0) {
+			error = -ENAMETOOLONG;
 			goto out;
-
-		/* Unreachable from current root */
-		if (error > 0) {
-			error = prepend_unreachable(&cwd, &buflen);
-			if (error)
-				goto out;
 		}
 
 		error = -ERANGE;