Re: [PATCH] nfsd: wrong index used in inner loop

linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Mi Jinlong <mijinlong@cn.fujitsu.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	roel <roel.kluin@gmail.com>, Neil Brown <neilb@suse.de>,
	linux-nfs@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] nfsd: wrong index used in inner loop
Date: Fri, 11 Mar 2011 11:52:14 +0800	[thread overview]
Message-ID: <4D799C6E.1050101@cn.fujitsu.com> (raw)
In-Reply-To: <20110310180800.GA31984@fieldses.org>



J. Bruce Fields:
> On Wed, Mar 09, 2011 at 03:42:30PM -0800, Andrew Morton wrote:
>> On Tue, 08 Mar 2011 22:32:26 +0100
>> roel <roel.kluin@gmail.com> wrote:
>>
>>> Index i was already used in the outer loop
>>>
>>> Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
>>> ---
>>>  fs/nfsd/nfs4xdr.c |    4 ++--
>>>  1 files changed, 2 insertions(+), 2 deletions(-)
>>>
>>> Not 100% sure this one is needed but it looks suspicious.
>>>
>>> diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
>>> index 1275b86..615f0a9 100644
>>> --- a/fs/nfsd/nfs4xdr.c
>>> +++ b/fs/nfsd/nfs4xdr.c
>>> @@ -1142,7 +1142,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
>>>  
>>>  	u32 dummy;
>>>  	char *machine_name;
>>> -	int i;
>>> +	int i, j;
>>>  	int nr_secflavs;
>>>  
>>>  	READ_BUF(16);
>>> @@ -1215,7 +1215,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
>>>  			READ_BUF(4);
>>>  			READ32(dummy);
>>>  			READ_BUF(dummy * 4);
>>> -			for (i = 0; i < dummy; ++i)
>>> +			for (j = 0; j < dummy; ++j)
>>>  				READ32(dummy);
>>>  			break;
>>>  		case RPC_AUTH_GSS:
>> ooh, big bug.
>>
>> I wonder why it was not previously detected at runtime.  Perhaps
>> nr_secflavs is always 1.
> 
> Yeah, no client uses this calback security information yet.
> 
> Mi Jinlong, do you think this is something we could have caught with
> another pynfs test?

  Yes, we must test it.

  After testing, the following test case is OK.

--
thanks,
Mi Jinlong


>From 1afac3444b37bac66970f19c409660a304a53fb4 Mon Sep 17 00:00:00 2001
From: Mi Jinlong <mijinlong@cn.fujitsu.com>
Date: Sun, 11 Mar 2011 09:05:22 +0800
Subject: [PATCH] CLNT: test a decode problem which use wrong index

Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com>
---
 nfs4.1/server41tests/st_create_session.py |   16 ++++++++++++++++
 1 files changed, 16 insertions(+), 0 deletions(-)

diff --git a/nfs4.1/server41tests/st_create_session.py b/nfs4.1/server41tests/st_create_session.py
index ff55d10..e3a8421 100644
--- a/nfs4.1/server41tests/st_create_session.py
+++ b/nfs4.1/server41tests/st_create_session.py
@@ -252,6 +252,22 @@ def testCbSecParms(t, env):
     c1 = env.c1.new_client(env.testname(t))
     sess1 = c1.create_session(sec=sec)
 
+def testCbSecParmsDec(t, env):
+    """A decode problem was found at NFS server that 
+       wrong index used in inner loop, 
+       http://marc.info/?l=linux-kernel&m=129961996327640&w=2
+
+    FLAGS: create_session all
+    CODE: CSESS16a
+    """
+    sec = [callback_sec_parms4(AUTH_NONE),
+           callback_sec_parms4(RPCSEC_GSS, cbsp_gss_handles=gss_cb_handles4(RPC_GSS_SVC_PRIVACY, "Handle from server", "Client handle")),
+           callback_sec_parms4(AUTH_SYS, cbsp_sys_cred=authsys_parms(5, "Random machine name", 7, 11, [])),
+           ]
+                               
+    c1 = env.c1.new_client(env.testname(t))
+    sess1 = c1.create_session(sec=sec)
+
 def testRdmaArray0(t, env):
     """Test 0 length rdma arrays
 
-- 
1.7.4.1

next prev parent reply	other threads:[~2011-03-11  3:51 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-03-08 21:32 [PATCH] nfsd: wrong index used in inner loop roel
2011-03-09  0:49 ` J. Bruce Fields
2011-03-11  4:13   ` Mi Jinlong
2011-03-14 22:22     ` J. Bruce Fields
2011-03-14 23:52       ` Trond Myklebust
2011-03-16 22:55         ` J. Bruce Fields
2011-03-15  2:31       ` Mi Jinlong
2011-03-17 17:52         ` J. Bruce Fields
2011-03-09 23:42 ` Andrew Morton
2011-03-10 18:08   ` J. Bruce Fields
2011-03-11  3:52     ` Mi Jinlong [this message]
2011-03-14 19:35       ` J. Bruce Fields

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ff55d10 dfblob:e3a8421 )
 OR (
bs:"CLNT: test a decode problem which use wrong index" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4D799C6E.1050101@cn.fujitsu.com \
    --to=mijinlong@cn.fujitsu.com \
    --cc=akpm@linux-foundation.org \
    --cc=bfields@fieldses.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nfs@vger.kernel.org \
    --cc=neilb@suse.de \
    --cc=roel.kluin@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).