If the incorrect buffer size were passed into nfs4_get_uniquifier
function then a memory access error could occur. This change prevents us
from accidentally passing an unrelated variable into the buffer copy
function.
Signed-off-by: Ethan Carter Edwards <ethan@xxxxxxxxxxxxxxxxx>
---
fs/nfs/nfs4proc.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 405f17e6e0b4..18311bf5338d 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -6408,7 +6408,7 @@ static void nfs4_init_boot_verifier(const struct nfs_client *clp,
}
static size_t
-nfs4_get_uniquifier(struct nfs_client *clp, char *buf, size_t buflen)
+nfs4_get_uniquifier(struct nfs_client *clp, char *buf)
{
struct nfs_net *nn = net_generic(clp->cl_net, nfs_net_id);
struct nfs_netns_client *nn_clp = nn->nfs_client;
@@ -6420,12 +6420,12 @@ nfs4_get_uniquifier(struct nfs_client *clp, char *buf, size_t buflen)
rcu_read_lock();
id = rcu_dereference(nn_clp->identifier);
if (id)
- strscpy(buf, id, buflen);
+ strscpy(buf, id, sizeof(buf));
rcu_read_unlock();
}
if (nfs4_client_id_uniquifier[0] != '\0' && buf[0] == '\0')
- strscpy(buf, nfs4_client_id_uniquifier, buflen);
+ strscpy(buf, nfs4_client_id_uniquifier, sizeof(buf));
return strlen(buf);
}
@@ -6449,7 +6449,7 @@ nfs4_init_nonuniform_client_string(struct nfs_client *clp)
1;
rcu_read_unlock();
- buflen = nfs4_get_uniquifier(clp, buf, sizeof(buf));
+ buflen = nfs4_get_uniquifier(clp, buf);
if (buflen)
len += buflen + 1;
@@ -6496,7 +6496,7 @@ nfs4_init_uniform_client_string(struct nfs_client *clp)
len = 10 + 10 + 1 + 10 + 1 +
strlen(clp->cl_rpcclient->cl_nodename) + 1;
- buflen = nfs4_get_uniquifier(clp, buf, sizeof(buf));
+ buflen = nfs4_get_uniquifier(clp, buf);
if (buflen)
len += buflen + 1;
--
2.48.0
