From afe1c661572c7a6e9d9419a51fe78e58b18ecbf3 Mon Sep 17 00:00:00 2001
From: Alan Cox
Date: Sat, 24 Sep 2016 14:17:25 +0100
Subject: [PATCH] read/write: error oversized requests

We could allow it but it's undefined behaviour in the standard and in some of our driver code, so force a nice clear error.
---
 Kernel/syscall_fs.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/Kernel/syscall_fs.c b/Kernel/syscall_fs.c
index db58a8cc..b4e07214 100644
--- a/Kernel/syscall_fs.c
+++ b/Kernel/syscall_fs.c
@@ -403,7 +403,12 @@ arg_t _read(void)
 uint8_t flag;
 if (!nbytes)
- return 0;
+ return 0;
+
+ if ((ssize_t)nbytes < 0) {
+ udata.u_error = EINVAL;
+ return -1;
+ }
 if (!valaddr(buf, nbytes))
 return -1;
@@ -466,7 +471,12 @@ arg_t _write(void)
 uint8_t flag;
 if (!nbytes)
- return 0;
+ return 0;
+
+ if ((ssize_t)nbytes < 0) {
+ udata.u_error = EINVAL;
+ return -1;
+ }
 if (!valaddr(buf, nbytes))
 return -1;
-- 
2.34.1
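Review bot: The new `(ssize_t)nbytes < 0` test in `_read` (and the identical one in `_write`) only rejects oversized counts if `nbytes` is an unsigned value of the same width as `ssize_t`; its declaration is outside both hunks, and converting an out-of-range unsigned value to a signed type is implementation-defined in C, so the guard's meaning cannot be read off the code. A comment above each check would record the intent, e.g. `/* a count that does not fit in ssize_t is undefined in the standard and in some drivers: fail with EINVAL */`. Because the guard sits in front of `valaddr(buf, nbytes)` in both syscalls, any other entry point that hands a user-supplied length to `valaddr()` or to a driver would presumably want the same bound, which this patch does not show. Both function bodies continue outside the hunks.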