Re: [PATCH 1/5] nfs41: fix wrong error on callback decode hdr overflow

On Jan 11, 2010, at 6:08 PM, Trond Myklebust wrote:

On Wed, 2010-01-06 at 13:23 -0500, andros@xxxxxxxxxx wrote:
From: Andy Adamson <andros@xxxxxxxxxx>

decode_op_hdr returns NFS4ERR_RESOURCE on decode buffer overflow which is correct for v4.0. Will fix the return for v4.1 along with all the other
NFS4ERR_RESOURCE overflow errors in a later patch.

Signed-off-by: Andy Adamson <andros@xxxxxxxxxx>
---
fs/nfs/callback_xdr.c |    6 ++----
1 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c
index 8e1a251..e24487d 100644
--- a/fs/nfs/callback_xdr.c
+++ b/fs/nfs/callback_xdr.c
@@ -605,17 +605,15 @@ static __be32 process_op(uint32_t minorversion, int nop,
		struct xdr_stream *xdr_out, void *resp)
{
	struct callback_op *op = &callback_ops[0];
-	unsigned int op_nr = OP_CB_ILLEGAL;
+	unsigned int op_nr;

This will cause us to return a random op number in the case where the
buffer overflows.

yes - good catch.


	__be32 status;
	long maxlen;
	__be32 res;

	dprintk("%s: start\n", __func__);
	status = decode_op_hdr(xdr_in, &op_nr);
-	if (unlikely(status)) {
-		status = htonl(NFS4ERR_OP_ILLEGAL);
+	if (unlikely(status))
		goto out;
-	}

	dprintk("%s: minorversion=%d nop=%d op_nr=%u\n",
		__func__, minorversion, nop, op_nr);
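
Review bot: op_nr is left unset on the error path, because this hunk drops the `= OP_CB_ILLEGAL` initializer at its top and then takes a bare `goto out` when decode_op_hdr() fails. If the code after the out: label (not visible in this hunk) encodes op_nr into the reply, it would emit an indeterminate stack value. Either keep the initializer or make sure nothing on the error path reads op_nr. The status from decode_op_hdr() is also now passed through unchanged, so a short comment at the `if (unlikely(status))` check should record that this is NFS4ERR_RESOURCE on overflow, which the commit message says is correct for v4.0 only and still awaits a v4.1 fix.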

The correct thing to do would appear to be rather to set
NFS4ERR_RESOURCE in the CB_COMPOUND return value, and simply not to
return an op here at all.

Agreed.

-->Andy

Trond
