On Thu, Jul 14, 2011 at 02:56:02PM +0800, Mi Jinlong wrote:
> This patch checks request's size when it consists SEQUENCE.
>
> v4:
> delete format fixing which length exceed 80
>
> v3:
> remove the check about only SEQUENCE operation.
> check the size immediately after find session.
> modify some function's format which length exceed 80.
Both applied, thanks!
--b.
>
> Signed-off-by: Mi Jinlong <mijinlong@xxxxxxxxxxxxxx>
> ---
> fs/nfsd/nfs4state.c | 12 ++++++++++++
> 1 files changed, 12 insertions(+), 0 deletions(-)
>
> diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
> index 72899ec..cc20587 100644
> --- a/fs/nfsd/nfs4state.c
> +++ b/fs/nfsd/nfs4state.c
> @@ -1763,6 +1763,14 @@ static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_sess
> return args->opcnt > session->se_fchannel.maxops;
> }
>
> +static bool nfsd4_request_too_big(struct svc_rqst *rqstp,
> + struct nfsd4_session *session)
> +{
> + struct xdr_buf *xb = &rqstp->rq_arg;
> +
> + return xb->len > session->se_fchannel.maxreq_sz;
> +}
> +
> __be32
> nfsd4_sequence(struct svc_rqst *rqstp,
> struct nfsd4_compound_state *cstate,
> @@ -1795,6 +1803,10 @@ nfsd4_sequence(struct svc_rqst *rqstp,
> if (nfsd4_session_too_many_ops(rqstp, session))
> goto out;
>
> + status = nfserr_req_too_big;
> + if (nfsd4_request_too_big(rqstp, session))
> + goto out;
> +
> status = nfserr_badslot;
> if (seq->slotid >= session->se_fchannel.maxreqs)
> goto out;
> --
> 1.7.5.4
>
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
