From: "J. Bruce Fields" <bfields@fieldses.org>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: trond.myklebust@fys.uio.no, linux-nfs@vger.kernel.org
Subject: Re: [PATCH 36/40] NFSD: Prevent buffer overflow in write_threads()
Date: Wed, 18 Mar 2009 19:54:58 -0400 [thread overview]
Message-ID: <20090318235458.GR18894@fieldses.org> (raw)
In-Reply-To: <20090312161129.16019.26502.stgit-07a7zB5ZJzbwdl/1UfZZQIVfYA8g3rJ/@public.gmane.org>
On Thu, Mar 12, 2009 at 12:11:30PM -0400, Chuck Lever wrote:
> Fix up write_threads() to eliminate the small possibility of
> overflowing its output buffer.
A gripe: could you be more specific about that "small possibility"?
Looks like the answer in this case is that the buffer overflow is
currently impossible, and that this is defensive programming against
someone making SIMPLE_TRANSACTION_LIMIT ridiculously small, or
something. OK, but that should be stated very clearly in the commit
message.
(A lot of people may read a patch that begins "Prevent buffer overflow".
Let's be kind to them! (A less alarming subject might also not be a bad
idea.))
Ditto for some of the other patches.
--b.
>
> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
> ---
>
> fs/nfsd/nfsctl.c | 9 +++++----
> 1 files changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
> index ce54d72..e8009c8 100644
> --- a/fs/nfsd/nfsctl.c
> +++ b/fs/nfsd/nfsctl.c
> @@ -666,9 +666,9 @@ static ssize_t write_filehandle(struct file *file, char *buf, size_t size)
> static ssize_t write_threads(struct file *file, char *buf, size_t size)
> {
> char *mesg = buf;
> - int rv;
> +
> if (size > 0) {
> - int newthreads;
> + int rv, newthreads;
> rv = get_int(&mesg, &newthreads);
> if (rv)
> return rv;
> @@ -678,8 +678,9 @@ static ssize_t write_threads(struct file *file, char *buf, size_t size)
> if (rv)
> return rv;
> }
> - sprintf(buf, "%d\n", nfsd_nrthreads());
> - return strlen(buf);
> +
> + return scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, "%d\n",
> + nfsd_nrthreads());
> }
>
> /**
>
prev parent reply other threads:[~2009-03-18 23:55 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-12 16:06 [PATCH 00/40] Proposed patches for 2.6.30 Chuck Lever
[not found] ` <20090312155609.16019.86499.stgit-07a7zB5ZJzbwdl/1UfZZQIVfYA8g3rJ/@public.gmane.org>
2009-03-12 16:07 ` [PATCH 01/40] SUNRPC: Fix return type of svc_addr_len() Chuck Lever
[not found] ` <20090312160706.16019.81338.stgit-07a7zB5ZJzbwdl/1UfZZQIVfYA8g3rJ/@public.gmane.org>
2009-03-18 22:08 ` J. Bruce Fields
2009-03-18 22:40 ` Chuck Lever
2009-03-12 16:07 ` [PATCH 02/40] SUNRPC: Clean up static inline functions in svc_xprt.h Chuck Lever
[not found] ` <20090312160713.16019.56290.stgit-07a7zB5ZJzbwdl/1UfZZQIVfYA8g3rJ/@public.gmane.org>
2009-03-18 22:13 ` J. Bruce Fields
2009-03-12 16:07 ` [PATCH 03/40] SUNRPC: Clean up svc_find_xprt() calling sequence Chuck Lever
[not found] ` <20090312160721.16019.89653.stgit-07a7zB5ZJzbwdl/1UfZZQIVfYA8g3rJ/@public.gmane.org>
2009-03-18 22:34 ` J. Bruce Fields
2009-03-18 22:55 ` J. Bruce Fields
2009-03-12 16:07 ` [PATCH 04/40] SUNRPC: Pass a family argument to svc_register() Chuck Lever
2009-03-12 16:07 ` [PATCH 05/40] SUNRPC: svc_setup_socket() gets protocol family from socket Chuck Lever
2009-03-12 16:07 ` [PATCH 06/40] SUNRPC: Change svc_create_xprt() to take a @family argument Chuck Lever
2009-03-12 16:07 ` [PATCH 07/40] SUNRPC: Remove @family argument from svc_create() and svc_create_pooled() Chuck Lever
2009-03-12 16:07 ` [PATCH 08/40] NFS: Revert creation of IPv6 listeners for lockd and NFSv4 callbacks Chuck Lever
2009-03-12 16:08 ` [PATCH 09/40] SUNRPC: Set IPV6ONLY flag on PF_INET6 RPC listener sockets Chuck Lever
2009-03-12 16:08 ` [PATCH 10/40] SUNRPC: Use IPv4 loopback for registering AF_INET6 kernel RPC services Chuck Lever
2009-03-12 16:08 ` [PATCH 12/40] SUNRPC: Clean up address type casts in rpcb_v4_register() Chuck Lever
2009-03-12 16:08 ` [PATCH 13/40] SUNRPC: rpcbind actually interprets r_owner string Chuck Lever
2009-03-12 16:08 ` [PATCH 14/40] SUNRPC: Allow callers to pass rpcb_v4_register a NULL address Chuck Lever
2009-03-12 16:08 ` [PATCH 15/40] SUNRPC: Simplify svc_unregister() Chuck Lever
[not found] ` <20090312161129.16019.26502.stgit@ingres.1015granger.net>
[not found] ` <20090312161129.16019.26502.stgit-07a7zB5ZJzbwdl/1UfZZQIVfYA8g3rJ/@public.gmane.org>
2009-03-18 23:54 ` J. Bruce Fields [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090318235458.GR18894@fieldses.org \
--to=bfields@fieldses.org \
--cc=chuck.lever@oracle.com \
--cc=linux-nfs@vger.kernel.org \
--cc=trond.myklebust@fys.uio.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox