From: "J. Bruce Fields" <bfields@fieldses.org>
To: Tim Gardner <tim.gardner@canonical.com>
Cc: linux-kernel@vger.kernel.org,
Trond Myklebust <Trond.Myklebust@netapp.com>,
linux-nfs@vger.kernel.org
Subject: Re: [PATCH linux-next] lockd: nlmsvc_mark_resources(): avoid stack overflow
Date: Tue, 12 Feb 2013 16:22:46 -0500 [thread overview]
Message-ID: <20130212212246.GH10267@fieldses.org> (raw)
In-Reply-To: <1360698538-63040-1-git-send-email-tim.gardner@canonical.com>
On Tue, Feb 12, 2013 at 12:48:58PM -0700, Tim Gardner wrote:
> Dynamically allocate the NLM host structure in order to avoid stack overflow.
> nlmsvc_mark_resources() is several call levels deep in a stack
> that has a number of large variables. 512 bytes seems like a lot
> on the stack at this point.
>
> smatch analysis:
>
> fs/lockd/svcsubs.c:366 nlmsvc_mark_resources() warn: 'hint' puts
> 512 bytes on stack
>
> Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
> Cc: "J. Bruce Fields" <bfields@fieldses.org>
> Cc: linux-nfs@vger.kernel.org
> Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
> ---
> fs/lockd/svcsubs.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/fs/lockd/svcsubs.c b/fs/lockd/svcsubs.c
> index b904f41..f3abb7f 100644
> --- a/fs/lockd/svcsubs.c
> +++ b/fs/lockd/svcsubs.c
> @@ -363,11 +363,15 @@ nlmsvc_is_client(void *data, struct nlm_host *dummy)
> void
> nlmsvc_mark_resources(struct net *net)
> {
> - struct nlm_host hint;
> + struct nlm_host *hint = kzalloc(sizeof(*hint), GFP_KERNEL);
>
> - dprintk("lockd: nlmsvc_mark_resources for net %p\n", net);
> - hint.net = net;
> - nlm_traverse_files(&hint, nlmsvc_mark_host, NULL);
> + if (hint) {
> + dprintk("lockd: nlmsvc_mark_resources for net %p\n", net);
> + hint->net = net;
> + nlm_traverse_files(hint, nlmsvc_mark_host, NULL);
> + }
Silently neglecting to do this looks like a bad idea.
It's strange that we're passing in an nlm_host when all we actually use
is the struct net*. Why not just change this to pass in the net
instead?
--b.
> +
> + kfree(hint);
> }
>
> /*
> --
> 1.7.9.5
>
next prev parent reply other threads:[~2013-02-12 21:22 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-12 19:48 [PATCH linux-next] lockd: nlmsvc_mark_resources(): avoid stack overflow Tim Gardner
2013-02-12 21:22 ` J. Bruce Fields [this message]
2013-02-13 14:40 ` Tim Gardner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130212212246.GH10267@fieldses.org \
--to=bfields@fieldses.org \
--cc=Trond.Myklebust@netapp.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=tim.gardner@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.