[PATCH] fcntl fix

Today we return EINVAL for fcntl with a lock with negative length.
POSIX-2001 says that the lock covers start .. start+len-1 if len >= 0
and start+len .. start-1 if len < 0.

diff --git a/fs/locks.c b/fs/locks.c
index 525722e45a521833a82f28f8d7e8f688768463d7..379fd3ea4de06725a34b023dac667bccb5198437 100644 (file)
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -297,11 +297,20 @@ static int flock_to_posix_lock(struct file *filp, struct file_lock *fl,
                return -EINVAL;
        }
 
-       if (((start += l->l_start) < 0) || (l->l_len < 0))
-               return -EINVAL;
+       /* POSIX-1996 leaves the case l->l_len < 0 undefined;
+          POSIX-2001 defines it. */
+       start += l->l_start;
        end = start + l->l_len - 1;
+       if (l->l_len < 0) {
+               end = start - 1;
+               start += l->l_len;
+       }
+
+       if (start < 0)
+               return -EINVAL;
        if (l->l_len > 0 && end < 0)
                return -EOVERFLOW;
+
        fl->fl_start = start;   /* we record the absolute position */
        fl->fl_end = end;
        if (l->l_len == 0)