From: Trond Myklebust <Trond.Myklebust@netapp.com>
To: linux-nfs@vger.kernel.org
Cc: "J. Bruce Fields" <bfields@citi.umich.edu>
Subject: [PATCH 23/30] nfs: Fix misparsing of nfsv4 fs_locations attribute
Date: Tue, 07 Oct 2008 18:19:54 -0400	[thread overview]
Message-ID: <20081007221953.20945.2828.stgit@localhost.localdomain> (raw)
In-Reply-To: <20081007221952.20945.69529.stgit-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>

From: J. Bruce Fields <bfields@citi.umich.edu>

The code incorrectly assumes here that the server name (or ip address)
is null-terminated.  This can cause referrals to fail in some cases.

Also support ipv6 addresses.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
---

 fs/nfs/internal.h      |    2 ++
 fs/nfs/nfs4namespace.c |   44 ++++++++++++++++++--------------------------
 fs/nfs/super.c         |    4 +---
 3 files changed, 21 insertions(+), 29 deletions(-)

diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 8d91bd8..5d2a5d3 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -153,6 +153,7 @@ extern void nfs4_clear_inode(struct inode *);
 void nfs_zap_acl_cache(struct inode *inode);
 
 /* super.c */
+void nfs_parse_ip_address(char *, size_t, struct sockaddr *, size_t *);
 extern struct file_system_type nfs_xdev_fs_type;
 #ifdef CONFIG_NFS_V4
 extern struct file_system_type nfs4_xdev_fs_type;
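Review bot: The new prototype in the `/* super.c */` group omits parameter names, and it has two `size_t`-related arguments with opposite roles: an input string length and an output address length pointer. Carrying over the names from the definition in super.c makes that clear at the call site: `void nfs_parse_ip_address(char *string, size_t str_len, struct sockaddr *sap, size_t *addr_len);`. The function returns void and reports failure only by setting the family to AF_UNSPEC, so a one-line comment such as `/* on failure sap->sa_family is AF_UNSPEC; callers must check */` above the declaration would help new callers outside super.c.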
@@ -276,6 +277,7 @@ unsigned int nfs_page_array_len(unsigned int base, size_t len)
 		PAGE_SIZE - 1) >> PAGE_SHIFT;
 }
 
+#define IPV6_SCOPE_DELIMITER	'%'
 
 /*
  * Set the port number in an address.  Be agnostic about the address
diff --git a/fs/nfs/nfs4namespace.c b/fs/nfs/nfs4namespace.c
index 6bcc569..30befc3 100644
--- a/fs/nfs/nfs4namespace.c
+++ b/fs/nfs/nfs4namespace.c
@@ -93,50 +93,42 @@ static int nfs4_validate_fspath(const struct vfsmount *mnt_parent,
 	return 0;
 }
 
-/*
- * Check if the string represents a "valid" IPv4 address
- */
-static inline int valid_ipaddr4(const char *buf)
-{
-	int rc, count, in[4];
-
-	rc = sscanf(buf, "%d.%d.%d.%d", &in[0], &in[1], &in[2], &in[3]);
-	if (rc != 4)
-		return -EINVAL;
-	for (count = 0; count < 4; count++) {
-		if (in[count] > 255)
-			return -EINVAL;
-	}
-	return 0;
-}
-
 static struct vfsmount *try_location(struct nfs_clone_mount *mountdata,
 				     char *page, char *page2,
 				     const struct nfs4_fs_location *location)
 {
 	struct vfsmount *mnt = ERR_PTR(-ENOENT);
 	char *mnt_path;
+	int page2len;
 	unsigned int s;
 
 	mnt_path = nfs4_pathname_string(&location->rootpath, page2, PAGE_SIZE);
 	if (IS_ERR(mnt_path))
 		return mnt;
 	mountdata->mnt_path = mnt_path;
+	page2 += strlen(mnt_path) + 1;
+	page2len = PAGE_SIZE - strlen(mnt_path) - 1;
 
 	for (s = 0; s < location->nservers; s++) {
-		struct sockaddr_in addr = {
-			.sin_family	= AF_INET,
-			.sin_port	= htons(NFS_PORT),
-		};
+		const struct nfs4_string *buf = &location->servers[s];
+		struct sockaddr_storage addr;
 
-		if (location->servers[s].len <= 0 ||
-		    valid_ipaddr4(location->servers[s].data) < 0)
+		if (buf->len <= 0 || buf->len >= PAGE_SIZE)
 			continue;
 
-		mountdata->hostname = location->servers[s].data;
-		addr.sin_addr.s_addr = in_aton(mountdata->hostname),
 		mountdata->addr = (struct sockaddr *)&addr;
-		mountdata->addrlen = sizeof(addr);
+
+		if (memchr(buf->data, IPV6_SCOPE_DELIMITER, buf->len))
+			continue;
+		nfs_parse_ip_address(buf->data, buf->len,
+				mountdata->addr, &mountdata->addrlen);
+		if (mountdata->addr->sa_family == AF_UNSPEC)
+			continue;
+		nfs_set_port(mountdata->addr, NFS_PORT);
+
+		strncpy(page2, buf->data, page2len);
+		page2[page2len] = '\0';
+		mountdata->hostname = page2;
 
 		snprintf(page, PAGE_SIZE, "%s:%s",
 				mountdata->hostname,
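Review bot: The hostname copy in try_location() is bounded by the wrong length, and its terminator lands outside the buffer. `page2` is advanced by `strlen(mnt_path) + 1` and `page2len` is `PAGE_SIZE - strlen(mnt_path) - 1`, so `page2[page2len] = '\0'` writes one byte past the PAGE_SIZE buffer that was handed to nfs4_pathname_string(). `strncpy(page2, buf->data, page2len)` is limited by the destination size rather than `buf->len`, so it can read past the end of the server string, which the commit message says is not NUL-terminated; the earlier check compares `buf->len` only with PAGE_SIZE, not with the space left. Bounding by the source length fixes both: `if (buf->len >= page2len) continue;` then `memcpy(page2, buf->data, buf->len);` and `page2[buf->len] = '\0';`. nfs4_pathname_string() is not shown here; if it returns a pointer into the tail of `page2` rather than its start, advancing `page2` past `strlen(mnt_path)` would also make the hostname overlap the path, so that should be confirmed. The function body continues past the end of the hunk.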
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index b99096b..20dc4cc 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -716,8 +716,6 @@ static void nfs_parse_ipv4_address(char *string, size_t str_len,
 	*addr_len = 0;
 }
 
-#define IPV6_SCOPE_DELIMITER	'%'
-
 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
 static void nfs_parse_ipv6_scope_id(const char *string, const size_t str_len,
 				    const char *delim,
@@ -790,7 +788,7 @@ static void nfs_parse_ipv6_address(char *string, size_t str_len,
  * If there is a problem constructing the new sockaddr, set the address
  * family to AF_UNSPEC.
  */
-static void nfs_parse_ip_address(char *string, size_t str_len,
+void nfs_parse_ip_address(char *string, size_t str_len,
 				 struct sockaddr *sap, size_t *addr_len)
 {
 	unsigned int i, colons;

