From: "Serge E. Hallyn" <serge@hallyn.com>
To: James Morris <jmorris@namei.org>
Cc: linux-nfs@vger.kernel.org, linux-security-module@vger.kernel.org,
Trond Myklebust <Trond.Myklebust@netapp.com>,
"J. Bruce Fields" <bfields@fieldses.org>,
Neil Brown <neilb@suse.de>,
linux-fsdevel@vger.kernel.org,
Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: [PATCH 3/8][RFC v05] NFSv3: add client implementation of XATTR protocol
Date: Thu, 24 Jun 2010 08:44:03 -0500 [thread overview]
Message-ID: <20100624134403.GA9479@hallyn.com> (raw)
In-Reply-To: <alpine.LRH.2.00.1006241825580.3960@tundra.namei.org>
Quoting James Morris (jmorris@namei.org):
> On Wed, 23 Jun 2010, Serge E. Hallyn wrote:
>
> > > + status = res.xattr_val_len;
> > > + if (status <= size)
> >
> > res.xattr_val_len was set to size, as was status, and none of the
> > 3 has been changed, so here status can't be > size can it?
>
> res is part of msg, and is updated by the RPC layer when decoding the
> response (via xdr_decode_string_inplace()).
Ah, I see, it's passed in as a member of msg. Thanks.
> > Was this just a safety to prevent overrun, or did you mean to
> > do some other check? (If a safety, then you'll still return
> > status > size, but with garbage in value, so i think you'd want
> > to also change status)
> >
> > > + memcpy(value, res.xattr_val, status);
> >
>
> Yes, the check stops us from copying more than the max. expected size to
> 'value'.
>
> It looks like we do need to return -EINVAL if the check fails, and likely
> the same with listxattr(). (Or is there a better error code for reporting
> invalid messages from the peer?)
That'd be my pick.
-serge
next prev parent reply other threads:[~2010-06-24 13:43 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-21 11:25 [PATCH 0/8][v05][RFC] NFSv3: implement extended attribute protocol (XATTR) James Morris
2010-06-21 11:27 ` [PATCH 1/8][RFC v05] NFSv3: convert client to generic xattr API James Morris
2010-06-21 11:28 ` [PATCH 2/8][RFC v05] NFSv3: add xattr API config option for client James Morris
2010-06-21 11:29 ` [PATCH 3/8][RFC v05] NFSv3: add client implementation of XATTR protocol James Morris
2010-06-21 20:02 ` Chuck Lever
[not found] ` <4C1FC553.4030904-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
2010-06-21 23:21 ` James Morris
2010-06-22 15:32 ` Chuck Lever
[not found] ` <4C20D779.5040008-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
2010-06-23 0:26 ` James Morris
2010-06-23 15:56 ` Casey Schaufler
2010-06-23 17:29 ` Chuck Lever
[not found] ` <4C224463.90306-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
2010-06-23 21:39 ` Casey Schaufler
2010-06-23 23:49 ` James Morris
[not found] ` <alpine.LRH.2.00.1006230857450.25778-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2010-06-23 18:35 ` J. Bruce Fields
2010-06-23 18:58 ` Trond Myklebust
2010-06-23 22:51 ` James Morris
[not found] ` <alpine.LRH.2.00.1006212128160.13583-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2010-06-24 4:33 ` Serge E. Hallyn
2010-06-24 8:35 ` James Morris
2010-06-24 13:44 ` Serge E. Hallyn [this message]
2010-06-21 11:30 ` [PATCH 4/8][RFC v05] NFSv3: add server " James Morris
2010-06-21 11:30 ` [PATCH 5/8][RFC v05] XATTR: add new top level nfsd namespace and implement ext3 support James Morris
[not found] ` <alpine.LRH.2.00.1006212051530.13583-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2010-06-21 11:31 ` [PATCH 6/8][RFC v05] NFSv3: Add server namespace support for XATTR protocol implementation James Morris
2010-06-21 11:32 ` [PATCH 7/8][RFC v05] NFSv3: Add xattr and xattrsec mount options to support XATTR protocol James Morris
2010-06-21 11:33 ` [PATCH 8/8][RFC v05] SELinux/NFSv3: Enable xattr labeling behavior for SELinux with the " James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100624134403.GA9479@hallyn.com \
--to=serge@hallyn.com \
--cc=Trond.Myklebust@netapp.com \
--cc=bfields@fieldses.org \
--cc=jmorris@namei.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=neilb@suse.de \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).