If fifo_open() is called with a negative file descriptor, return EINVAL

rather than panicking later.  This can occur if the kernel calls
vn_open() on a fifo, as there will be no associated file descriptor,
and therefore the file descriptor operations cannot be modified to
point to the fifo operation set.

MFC after:	3 days
Reported by:	Martin <nakal at nurfuerspam dot de>
PR:		94278
This commit is contained in:
Robert Watson 2006-03-14 19:29:45 +00:00
parent 31ae0caec1
commit 945a519a23

View File

@ -179,6 +179,8 @@ fifo_open(ap)
int error; int error;
ASSERT_VOP_LOCKED(vp, "fifo_open"); ASSERT_VOP_LOCKED(vp, "fifo_open");
if (ap->a_fdidx < 0)
return (EINVAL);
if ((fip = vp->v_fifoinfo) == NULL) { if ((fip = vp->v_fifoinfo) == NULL) {
MALLOC(fip, struct fifoinfo *, sizeof(*fip), M_VNODE, M_WAITOK); MALLOC(fip, struct fifoinfo *, sizeof(*fip), M_VNODE, M_WAITOK);
error = socreate(AF_LOCAL, &rso, SOCK_STREAM, 0, cred, td); error = socreate(AF_LOCAL, &rso, SOCK_STREAM, 0, cred, td);