[PATCH 1/2] NFSD: Pass correct buffer size to rpc

linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop
@ 2012-12-07 21:17 bjschuma
  2012-12-07 21:17 ` [PATCH 2/2] NFSD: Correct the size calculation in fault_inject_write bjschuma
  2012-12-07 23:44 ` [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop Jim Rees
  0 siblings, 2 replies; 4+ messages in thread
From: bjschuma @ 2012-12-07 21:17 UTC (permalink / raw)
  To: bfields; +Cc: linux-nfs

From: Bryan Schumaker <bjschuma@netapp.com>

I honestly have no idea where I got 129 from, but it's a much bigger
value than the actual buffer size (INET6_ADDRSTRLEN).

Signed-off-by: Bryan Schumaker <bjschuma@netapp.com>
---
 fs/nfsd/fault_inject.c | 2 +-
 fs/nfsd/nfs4state.c    | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/fs/nfsd/fault_inject.c b/fs/nfsd/fault_inject.c
index 96ffdf5..7a7b079 100644
--- a/fs/nfsd/fault_inject.c
+++ b/fs/nfsd/fault_inject.c
@@ -79,7 +79,7 @@ static void nfsd_inject_set_client(struct nfsd_fault_inject_op *op,
 	clp = nfsd_find_client(addr, addr_size);
 	if (clp) {
 		count = op->forget(clp, 0);
-		rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, 129);
+		rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
 		printk(KERN_INFO "NFSD [%s]: Client %s had %llu state object(s)\n", op->file, buf, count);
 	}
 	nfs4_unlock_state();
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index eff7340..ce94174 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -4614,7 +4614,7 @@ u64 nfsd_forget_client(struct nfs4_client *clp, u64 max)
 u64 nfsd_print_client(struct nfs4_client *clp, u64 num)
 {
 	char buf[INET6_ADDRSTRLEN];
-	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, 129);
+	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
 	printk(KERN_INFO "NFS Client: %s\n", buf);
 	return 1;
 }
@@ -4623,7 +4623,7 @@ static void nfsd_print_count(struct nfs4_client *clp, unsigned int count,
 			     const char *type)
 {
 	char buf[INET6_ADDRSTRLEN];
-	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, 129);
+	rpc_ntop((struct sockaddr *)&clp->cl_addr, buf, sizeof(buf));
 	printk(KERN_INFO "NFS Client: %s has %u %s\n", buf, count, type);
 }
 
-- 
1.8.0.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH 2/2] NFSD: Correct the size calculation in fault_inject_write
  2012-12-07 21:17 [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop bjschuma
@ 2012-12-07 21:17 ` bjschuma
  2012-12-07 23:44 ` [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop Jim Rees
  1 sibling, 0 replies; 4+ messages in thread
From: bjschuma @ 2012-12-07 21:17 UTC (permalink / raw)
  To: bfields; +Cc: linux-nfs

From: Bryan Schumaker <bjschuma@netapp.com>

If len == 0 we end up with size = (0 - 1), which could cause bad things
to happen in copy_from_user().

Signed-off-by: Bryan Schumaker <bjschuma@netapp.com>
---
 fs/nfsd/fault_inject.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/nfsd/fault_inject.c b/fs/nfsd/fault_inject.c
index 7a7b079..e761ee9 100644
--- a/fs/nfsd/fault_inject.c
+++ b/fs/nfsd/fault_inject.c
@@ -122,7 +122,7 @@ static ssize_t fault_inject_write(struct file *file, const char __user *buf,
 				  size_t len, loff_t *ppos)
 {
 	char write_buf[INET6_ADDRSTRLEN];
-	size_t size = min(sizeof(write_buf), len) - 1;
+	size_t size = min(sizeof(write_buf) - 1, len);
 	struct net *net = current->nsproxy->net_ns;
 	struct sockaddr_storage sa;
 	u64 val;
-- 
1.8.0.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop
  2012-12-07 21:17 [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop bjschuma
  2012-12-07 21:17 ` [PATCH 2/2] NFSD: Correct the size calculation in fault_inject_write bjschuma
@ 2012-12-07 23:44 ` Jim Rees
  2012-12-10 23:08   ` J. Bruce Fields
  1 sibling, 1 reply; 4+ messages in thread
From: Jim Rees @ 2012-12-07 23:44 UTC (permalink / raw)
  To: bjschuma; +Cc: bfields, linux-nfs

bjschuma@netapp.com wrote:

  From: Bryan Schumaker <bjschuma@netapp.com>
  
  I honestly have no idea where I got 129 from, but it's a much bigger
  value than the actual buffer size (INET6_ADDRSTRLEN).

128 for the number of bits in an ip6 address, plus one more for the null
terminator bit?

(yes, I'm joking, for those of you with no sense of humor)

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop
  2012-12-07 23:44 ` [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop Jim Rees
@ 2012-12-10 23:08   ` J. Bruce Fields
  0 siblings, 0 replies; 4+ messages in thread
From: J. Bruce Fields @ 2012-12-10 23:08 UTC (permalink / raw)
  To: Jim Rees; +Cc: bjschuma, linux-nfs

On Fri, Dec 07, 2012 at 06:44:20PM -0500, Jim Rees wrote:
> bjschuma@netapp.com wrote:
> 
>   From: Bryan Schumaker <bjschuma@netapp.com>
>   
>   I honestly have no idea where I got 129 from, but it's a much bigger
>   value than the actual buffer size (INET6_ADDRSTRLEN).
> 
> 128 for the number of bits in an ip6 address, plus one more for the null
> terminator bit?
> 
> (yes, I'm joking, for those of you with no sense of humor)

Hm.

Anyway, applying....

--b.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2012-12-10 23:08 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-12-07 21:17 [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop bjschuma
2012-12-07 21:17 ` [PATCH 2/2] NFSD: Correct the size calculation in fault_inject_write bjschuma
2012-12-07 23:44 ` [PATCH 1/2] NFSD: Pass correct buffer size to rpc_ntop Jim Rees
2012-12-10 23:08   ` J. Bruce Fields

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).