From: Trond Myklebust <Trond.Myklebust@netapp.com>
To: linux-nfs@vger.kernel.org
Cc: "J. Bruce Fields" <bfields@citi.umich.edu>
Subject: [PATCH 23/30] nfs: Fix misparsing of nfsv4 fs_locations attribute
Date: Tue, 07 Oct 2008 18:19:54 -0400 [thread overview]
Message-ID: <20081007221953.20945.2828.stgit@localhost.localdomain> (raw)
In-Reply-To: <20081007221952.20945.69529.stgit-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
From: J. Bruce Fields <bfields@citi.umich.edu>
The code incorrectly assumes here that the server name (or ip address)
is null-terminated. This can cause referrals to fail in some cases.
Also support ipv6 addresses.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
---
fs/nfs/internal.h | 2 ++
fs/nfs/nfs4namespace.c | 44 ++++++++++++++++++--------------------------
fs/nfs/super.c | 4 +---
3 files changed, 21 insertions(+), 29 deletions(-)
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 8d91bd8..5d2a5d3 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -153,6 +153,7 @@ extern void nfs4_clear_inode(struct inode *);
void nfs_zap_acl_cache(struct inode *inode);
/* super.c */
+void nfs_parse_ip_address(char *, size_t, struct sockaddr *, size_t *);
extern struct file_system_type nfs_xdev_fs_type;
#ifdef CONFIG_NFS_V4
extern struct file_system_type nfs4_xdev_fs_type;
@@ -276,6 +277,7 @@ unsigned int nfs_page_array_len(unsigned int base, size_t len)
PAGE_SIZE - 1) >> PAGE_SHIFT;
}
+#define IPV6_SCOPE_DELIMITER '%'
/*
* Set the port number in an address. Be agnostic about the address
diff --git a/fs/nfs/nfs4namespace.c b/fs/nfs/nfs4namespace.c
index 6bcc569..30befc3 100644
--- a/fs/nfs/nfs4namespace.c
+++ b/fs/nfs/nfs4namespace.c
@@ -93,50 +93,42 @@ static int nfs4_validate_fspath(const struct vfsmount *mnt_parent,
return 0;
}
-/*
- * Check if the string represents a "valid" IPv4 address
- */
-static inline int valid_ipaddr4(const char *buf)
-{
- int rc, count, in[4];
-
- rc = sscanf(buf, "%d.%d.%d.%d", &in[0], &in[1], &in[2], &in[3]);
- if (rc != 4)
- return -EINVAL;
- for (count = 0; count < 4; count++) {
- if (in[count] > 255)
- return -EINVAL;
- }
- return 0;
-}
-
static struct vfsmount *try_location(struct nfs_clone_mount *mountdata,
char *page, char *page2,
const struct nfs4_fs_location *location)
{
struct vfsmount *mnt = ERR_PTR(-ENOENT);
char *mnt_path;
+ int page2len;
unsigned int s;
mnt_path = nfs4_pathname_string(&location->rootpath, page2, PAGE_SIZE);
if (IS_ERR(mnt_path))
return mnt;
mountdata->mnt_path = mnt_path;
+ page2 += strlen(mnt_path) + 1;
+ page2len = PAGE_SIZE - strlen(mnt_path) - 1;
for (s = 0; s < location->nservers; s++) {
- struct sockaddr_in addr = {
- .sin_family = AF_INET,
- .sin_port = htons(NFS_PORT),
- };
+ const struct nfs4_string *buf = &location->servers[s];
+ struct sockaddr_storage addr;
- if (location->servers[s].len <= 0 ||
- valid_ipaddr4(location->servers[s].data) < 0)
+ if (buf->len <= 0 || buf->len >= PAGE_SIZE)
continue;
- mountdata->hostname = location->servers[s].data;
- addr.sin_addr.s_addr = in_aton(mountdata->hostname),
mountdata->addr = (struct sockaddr *)&addr;
- mountdata->addrlen = sizeof(addr);
+
+ if (memchr(buf->data, IPV6_SCOPE_DELIMITER, buf->len))
+ continue;
+ nfs_parse_ip_address(buf->data, buf->len,
+ mountdata->addr, &mountdata->addrlen);
+ if (mountdata->addr->sa_family == AF_UNSPEC)
+ continue;
+ nfs_set_port(mountdata->addr, NFS_PORT);
+
+ strncpy(page2, buf->data, page2len);
+ page2[page2len] = '\0';
+ mountdata->hostname = page2;
snprintf(page, PAGE_SIZE, "%s:%s",
mountdata->hostname,
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index b99096b..20dc4cc 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -716,8 +716,6 @@ static void nfs_parse_ipv4_address(char *string, size_t str_len,
*addr_len = 0;
}
-#define IPV6_SCOPE_DELIMITER '%'
-
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
static void nfs_parse_ipv6_scope_id(const char *string, const size_t str_len,
const char *delim,
@@ -790,7 +788,7 @@ static void nfs_parse_ipv6_address(char *string, size_t str_len,
* If there is a problem constructing the new sockaddr, set the address
* family to AF_UNSPEC.
*/
-static void nfs_parse_ip_address(char *string, size_t str_len,
+void nfs_parse_ip_address(char *string, size_t str_len,
struct sockaddr *sap, size_t *addr_len)
{
unsigned int i, colons;
next prev parent reply other threads:[~2008-10-07 22:32 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-07 22:19 [PATCH 00/30] What's in the NFS queue for 2.6.27 Trond Myklebust
[not found] ` <20081007221952.20945.69529.stgit-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2008-10-07 22:19 ` [PATCH 01/30] NFS: Fix nfs_file_llseek() Trond Myklebust
2008-10-07 22:19 ` [PATCH 02/30] NFS: Clean up nfs_sb_active/nfs_sb_deactive Trond Myklebust
2008-10-07 22:19 ` [PATCH 17/30] nfs: remove an obsolete nfs_flock comment Trond Myklebust
2008-10-07 22:19 ` [PATCH 11/30] NFS: Fix up nfs_setattr_update_inode() Trond Myklebust
2008-10-07 22:19 ` [PATCH 05/30] NFS: Add mount options for controlling the lookup cache Trond Myklebust
2008-10-07 22:19 ` [PATCH 21/30] nfs: replace while loop by for loops in nfs_follow_referral Trond Myklebust
2008-10-07 22:19 ` [PATCH 18/30] NFS: missing nfs_fattr_init in nfs3_proc_getacl and nfs3_proc_setacls (resend #2) Trond Myklebust
2008-10-07 22:19 ` [PATCH 12/30] NFS: Allow concurrent inode revalidation Trond Myklebust
2008-10-07 22:19 ` [PATCH 19/30] nfs: authenticated deep mounting Trond Myklebust
2008-10-07 22:19 ` [PATCH 04/30] NFS: Don't apply NFS_MOUNT_FLAGMASK to text-based mounts Trond Myklebust
2008-10-07 22:19 ` [PATCH 20/30] nfs: break up nfs_follow_referral Trond Myklebust
2008-10-07 22:19 ` [PATCH 22/30] nfs: prepare to share nfs_set_port Trond Myklebust
2008-10-07 22:19 ` [PATCH 15/30] sunrpc: do not pin sunrpc module in the memory Trond Myklebust
2008-10-07 22:19 ` [PATCH 06/30] NFS: Clean up nfs_refresh_inode() and nfs_post_op_update_inode() Trond Myklebust
2008-10-07 22:19 ` [PATCH 09/30] NFS: Convert __nfs_revalidate_inode() to use nfs_refresh_inode() Trond Myklebust
2008-10-07 22:19 ` [PATCH 10/30] NFS: Don't clear nfsi->cache_validity in nfs_check_inode_attributes() Trond Myklebust
2008-10-07 22:19 ` [PATCH 08/30] NFS: Fix nfs_post_op_update_inode_force_wcc() Trond Myklebust
2008-10-07 22:19 ` [PATCH 13/30] fix fs/nfs/nfsroot.c compilation Trond Myklebust
2008-10-07 22:19 ` [PATCH 16/30] nfs: BUG_ON in nfs_follow_mountpoint Trond Myklebust
2008-10-07 22:19 ` [PATCH 03/30] NFS: Add options for finer control of the lookup cache Trond Myklebust
2008-10-07 22:19 ` [PATCH 14/30] nfs: ERR_PTR is expected on failure from nfs_do_clone_mount Trond Myklebust
2008-10-07 22:19 ` [PATCH 07/30] NFS: Fix the NFS attribute update Trond Myklebust
2008-10-07 22:19 ` [PATCH 29/30] NFS: Don't use range_cyclic for data integrity syncs Trond Myklebust
2008-10-07 22:19 ` [PATCH 27/30] SUNRPC: Fix a memory leak in rpcb_getport_async Trond Myklebust
2008-10-07 22:19 ` [PATCH 28/30] NFS: Client mounts hang when exported directory do not exist Trond Myklebust
2008-10-07 22:19 ` [PATCH 24/30] NFS: remove 8 bytes of padding from struct nfs_fattr on 64 bit builds Trond Myklebust
2008-10-07 22:19 ` [PATCH 26/30] SUNRPC: Fix autobind on cloned rpc clients Trond Myklebust
2008-10-07 22:19 ` Trond Myklebust [this message]
2008-10-07 22:19 ` [PATCH 30/30] sunrpc: fix oops in rpc_create when the mount namespace is unshared Trond Myklebust
2008-10-07 22:19 ` [PATCH 25/30] NFS: SETCLIENTID truncates client ID and netid Trond Myklebust
[not found] ` <20081007221954.20945.76616.stgit-bi+AKbBUZKY6gyzm1THtWbp2dZbC/Bob@public.gmane.org>
2008-10-08 14:55 ` Chuck Lever
2008-10-08 17:56 ` Trond Myklebust
2008-10-15 15:36 ` Chuck Lever
2008-10-08 19:31 ` [PATCH 00/30] What's in the NFS queue for 2.6.27 J. Bruce Fields
2008-10-08 19:37 ` Trond Myklebust
2008-10-08 19:39 ` J. Bruce Fields
2008-10-08 19:38 ` [PATCH 1/5] NFS: fix nfs_parse_ip_address() corner case J. Bruce Fields
2008-10-08 19:38 ` [PATCH 2/5] nfs: break up nfs_follow_referral J. Bruce Fields
2008-10-08 19:38 ` [PATCH 3/5] nfs: replace while loop by for loops in nfs_follow_referral J. Bruce Fields
2008-10-08 19:38 ` [PATCH 4/5] nfs: prepare to share nfs_set_port J. Bruce Fields
2008-10-08 19:38 ` [PATCH 5/5] nfs: Fix misparsing of nfsv4 fs_locations attribute J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081007221953.20945.2828.stgit@localhost.localdomain \
--to=trond.myklebust@netapp.com \
--cc=bfields@citi.umich.edu \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox