On Fri, 2011-03-18 at 10:16 +1100, NeilBrown wrote: > On Thu, 17 Mar 2011 14:01:05 -0400 Trond Myklebust > <Trond.Myklebust@xxxxxxxxxx> wrote: > > > On Thu, 2011-03-17 at 09:38 +1100, NeilBrown wrote: > > > We should probably submit a fix to 2.6.37-stable though. For that it > > > is possibly simplest to tell xdr_decode_inline to round nbytes up to > > > a multiple of 4 - would you agree? > > > > How about the following fix for 2.6.37 stable? > > That is good for NFSv3, but NFSv2 has the same problem. Code fragment is > p = xdr_inline_decode(xdr, entry->len + 4); > if (unlikely(!p)) > goto out_overflow; > entry->name = (const char *) p; > p += XDR_QUADLEN(entry->len); > entry->prev_cookie = entry->cookie; > entry->cookie = ntohl(*p++); > > so again we have the cookie after the name and they are decoded together. Fair enough. I'll fix that one too. -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@xxxxxxxxxx www.netapp.com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
