[PATCH 01/13] NFS: Refactor IP address sanity checks in NFS client

Chuck Lever <chuck.lever@xxxxxxxxxx> · Mon, 21 May 2007 12:09:18 -0400

Provide mechanism for adding IPv6 address support at some later point.

Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
Cc: Aurelien Charbon <aurelien.charbon@xxxxxxxxxxxx>
---

 fs/nfs/super.c |   39 ++++++++++++++++++++++++++++-----------
 1 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 1fce778..31f7313 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -436,6 +436,28 @@ static void nfs_umount_begin(struct vfsmount *vfsmnt, int flags)
 }
 
 /*
+ * Sanity-check a server address provided by the mount command
+ */
+static int nfs_verify_server_address(struct sockaddr *addr, size_t len)
+{
+	if (len > sizeof(struct sockaddr))
+		goto out_invalid;
+
+	switch (addr->sa_family) {
+	case AF_INET: {
+		struct sockaddr_in *sa = (struct sockaddr_in *) addr;
+		if (sa->sin_addr.s_addr != INADDR_ANY)
+			return 1;
+		break;
+	}
+	}
+
+out_invalid:
+	dprintk("NFS: mount program passed an invalid remote address\n");
+	return 0;
+}
+
+/*
  * Validate the NFS2/NFS3 mount data
  * - fills in the mount root filehandle
  */
@@ -490,11 +512,9 @@ static int nfs_validate_mount_data(struct nfs_mount_data *data,
 #endif /* CONFIG_NFS_V3 */
 
 	/* We now require that the mount process passes the remote address */
-	if (data->addr.sin_addr.s_addr == INADDR_ANY) {
-		dprintk("%s: mount program didn't pass remote address!\n",
-			__FUNCTION__);
-		return -EINVAL;
-	}
+	if (!nfs_verify_server_address((struct sockaddr *) &data->addr,
+						sizeof(data->addr)))
+ 		return -EINVAL;
 
 	/* Prepare the root filehandle */
 	if (data->flags & NFS_MOUNT_VER3)
@@ -828,13 +848,10 @@ static int nfs4_get_sb(struct file_system_type *fs_type,
 	if (copy_from_user(&addr, data->host_addr, sizeof(addr)))
 		return -EFAULT;
 
-	if (addr.sin_family != AF_INET ||
-	    addr.sin_addr.s_addr == INADDR_ANY
-	    ) {
-		dprintk("%s: mount program didn't pass remote IP address!\n",
-				__FUNCTION__);
+	if (!nfs_verify_server_address((struct sockaddr *) &addr,
+					data->host_addrlen))
 		return -EINVAL;
-	}
+
 	/* RFC3530: The default port for NFS is 2049 */
 	if (addr.sin_port == 0)
 		addr.sin_port = htons(NFS_PORT);

-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




