Re: [PATCH 1/4] rpc: clean up decoding of gssproxy linux creds

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Sep 05, 2013 at 12:30:05PM -0400, J. Bruce Fields wrote:
> From: "J. Bruce Fields" <bfields@xxxxxxxxxx>
> 
> We can use the normal coding infrastructure here.
> 
> Two minor behavior changes:
> 
> 	- we're assuming no wasted space at the end of the linux cred.
> 	  That seems to match gss-proxy's behavior, and I can't see why
> 	  it would need to do differently in the future.
> 
> 	- NGROUPS_MAX check added: note groups_alloc doesn't do this,
> 	  this is the caller's responsibility.

Ignore the "n/4" patches, apologies, some left-over patches that got
picked up by the glob in my "git send-email 00*" command!

--b.

> 
> Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxx>
> ---
>  net/sunrpc/auth_gss/gss_rpc_xdr.c |   32 +++++++++++++-------------------
>  1 file changed, 13 insertions(+), 19 deletions(-)
> 
> diff --git a/net/sunrpc/auth_gss/gss_rpc_xdr.c b/net/sunrpc/auth_gss/gss_rpc_xdr.c
> index 3c85d1c..f5067b2 100644
> --- a/net/sunrpc/auth_gss/gss_rpc_xdr.c
> +++ b/net/sunrpc/auth_gss/gss_rpc_xdr.c
> @@ -166,14 +166,14 @@ static int dummy_dec_opt_array(struct xdr_stream *xdr,
>  	return 0;
>  }
>  
> -static int get_s32(void **p, void *max, s32 *res)
> +static int get_s32(struct xdr_stream *xdr, s32 *res)
>  {
> -	void *base = *p;
> -	void *next = (void *)((char *)base + sizeof(s32));
> -	if (unlikely(next > max || next < base))
> +	__be32 *p;
> +
> +	p = xdr_inline_decode(xdr, 4);
> +	if (!p)
>  		return -EINVAL;
> -	memcpy(res, base, sizeof(s32));
> -	*p = next;
> +	memcpy(res, p, sizeof(s32));
>  	return 0;
>  }
>  
> @@ -182,7 +182,6 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
>  {
>  	u32 length;
>  	__be32 *p;
> -	void *q, *end;
>  	s32 tmp;
>  	int N, i, err;
>  
> @@ -192,33 +191,28 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
>  
>  	length = be32_to_cpup(p);
>  
> -	/* FIXME: we do not want to use the scratch buffer for this one
> -	 * may need to use functions that allows us to access an io vector
> -	 * directly */
> -	p = xdr_inline_decode(xdr, length);
> -	if (unlikely(p == NULL))
> +	if (length > (3 + NGROUPS_MAX) * sizeof(u32))
>  		return -ENOSPC;
>  
> -	q = p;
> -	end = q + length;
> -
>  	/* uid */
> -	err = get_s32(&q, end, &tmp);
> +	err = get_s32(xdr, &tmp);
>  	if (err)
>  		return err;
>  	creds->cr_uid = make_kuid(&init_user_ns, tmp);
>  
>  	/* gid */
> -	err = get_s32(&q, end, &tmp);
> +	err = get_s32(xdr, &tmp);
>  	if (err)
>  		return err;
>  	creds->cr_gid = make_kgid(&init_user_ns, tmp);
>  
>  	/* number of additional gid's */
> -	err = get_s32(&q, end, &tmp);
> +	err = get_s32(xdr, &tmp);
>  	if (err)
>  		return err;
>  	N = tmp;
> +	if ((3 + N) * sizeof(u32) != length)
> +		return -EINVAL;
>  	creds->cr_group_info = groups_alloc(N);
>  	if (creds->cr_group_info == NULL)
>  		return -ENOMEM;
> @@ -226,7 +220,7 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
>  	/* gid's */
>  	for (i = 0; i < N; i++) {
>  		kgid_t kgid;
> -		err = get_s32(&q, end, &tmp);
> +		err = get_s32(xdr, &tmp);
>  		if (err)
>  			goto out_free_groups;
>  		err = -EINVAL;
> -- 
> 1.7.9.5
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux