Re: [PATCH 1/1] NFSD: fix decoding in nfs4_xdr_dec_cb_getattr

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2024-12-19 at 15:12 -0500, Olga Kornievskaia wrote:
> If a client were to send an error to a CB_GETATTR call, the code
> erronously continues to try decode past the error code. It ends
> up returning BAD_XDR error to the rpc layer and then in turn
> trigger a WARN_ONCE in nfsd4_cb_done() function.
> 
> Fixes: 6487a13b5c6b ("NFSD: add support for CB_GETATTR callback")
> Signed-off-by: Olga Kornievskaia <okorniev@xxxxxxxxxx>
> ---
>  fs/nfsd/nfs4callback.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c
> index 3877b53e429f..f24d8654393d 100644
> --- a/fs/nfsd/nfs4callback.c
> +++ b/fs/nfsd/nfs4callback.c
> @@ -647,7 +647,7 @@ static int nfs4_xdr_dec_cb_getattr(struct rpc_rqst *rqstp,
>  		return status;
>  
>  	status = decode_cb_op_status(xdr, OP_CB_GETATTR, &cb->cb_status);
> -	if (status)
> +	if (status || cb->cb_status)
>  		return status;
>  	if (xdr_stream_decode_uint32_array(xdr, bitmap, 3) < 0)
>  		return -NFSERR_BAD_XDR;

Nice catch!

Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>





[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux