On Wed, 2010-01-06 at 13:23 -0500, andros@xxxxxxxxxx wrote:
> From: Andy Adamson <andros@xxxxxxxxxx>
>
> decode_op_hdr returns NFS4ERR_RESOURCE on decode buffer overflow which is
> correct for v4.0. Will fix the return for v4.1 along with all the other
> NFS4ERR_RESOURCE overflow errors in a later patch.
>
> Signed-off-by: Andy Adamson <andros@xxxxxxxxxx>
> ---
> fs/nfs/callback_xdr.c | 6 ++----
> 1 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c
> index 8e1a251..e24487d 100644
> --- a/fs/nfs/callback_xdr.c
> +++ b/fs/nfs/callback_xdr.c
> @@ -605,17 +605,15 @@ static __be32 process_op(uint32_t minorversion, int nop,
> struct xdr_stream *xdr_out, void *resp)
> {
> struct callback_op *op = &callback_ops[0];
> - unsigned int op_nr = OP_CB_ILLEGAL;
> + unsigned int op_nr;
This will cause us to return a random op number in the case where the
buffer overflows.
> __be32 status;
> long maxlen;
> __be32 res;
>
> dprintk("%s: start\n", __func__);
> status = decode_op_hdr(xdr_in, &op_nr);
> - if (unlikely(status)) {
> - status = htonl(NFS4ERR_OP_ILLEGAL);
> + if (unlikely(status))
> goto out;
> - }
>
> dprintk("%s: minorversion=%d nop=%d op_nr=%u\n",
> __func__, minorversion, nop, op_nr);
The correct thing to do would appear to be rather to set
NFS4ERR_RESOURCE in the CB_COMPOUND return value, and simply not to
return an op here at all.
Trond
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
