On Thu, Sep 05, 2013 at 12:30:05PM -0400, J. Bruce Fields wrote:
> From: "J. Bruce Fields" <bfields@xxxxxxxxxx>
>
> We can use the normal coding infrastructure here.
>
> Two minor behavior changes:
>
> - we're assuming no wasted space at the end of the linux cred.
> That seems to match gss-proxy's behavior, and I can't see why
> it would need to do differently in the future.
>
> - NGROUPS_MAX check added: note groups_alloc doesn't do this,
> this is the caller's responsibility.
Ignore the "n/4" patches, apologies, some left-over patches that got
picked up by the glob in my "git send-email 00*" command!
--b.
>
> Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxx>
> ---
> net/sunrpc/auth_gss/gss_rpc_xdr.c | 32 +++++++++++++-------------------
> 1 file changed, 13 insertions(+), 19 deletions(-)
>
> diff --git a/net/sunrpc/auth_gss/gss_rpc_xdr.c b/net/sunrpc/auth_gss/gss_rpc_xdr.c
> index 3c85d1c..f5067b2 100644
> --- a/net/sunrpc/auth_gss/gss_rpc_xdr.c
> +++ b/net/sunrpc/auth_gss/gss_rpc_xdr.c
> @@ -166,14 +166,14 @@ static int dummy_dec_opt_array(struct xdr_stream *xdr,
> return 0;
> }
>
> -static int get_s32(void **p, void *max, s32 *res)
> +static int get_s32(struct xdr_stream *xdr, s32 *res)
> {
> - void *base = *p;
> - void *next = (void *)((char *)base + sizeof(s32));
> - if (unlikely(next > max || next < base))
> + __be32 *p;
> +
> + p = xdr_inline_decode(xdr, 4);
> + if (!p)
> return -EINVAL;
> - memcpy(res, base, sizeof(s32));
> - *p = next;
> + memcpy(res, p, sizeof(s32));
> return 0;
> }
>
> @@ -182,7 +182,6 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
> {
> u32 length;
> __be32 *p;
> - void *q, *end;
> s32 tmp;
> int N, i, err;
>
> @@ -192,33 +191,28 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
>
> length = be32_to_cpup(p);
>
> - /* FIXME: we do not want to use the scratch buffer for this one
> - * may need to use functions that allows us to access an io vector
> - * directly */
> - p = xdr_inline_decode(xdr, length);
> - if (unlikely(p == NULL))
> + if (length > (3 + NGROUPS_MAX) * sizeof(u32))
> return -ENOSPC;
>
> - q = p;
> - end = q + length;
> -
> /* uid */
> - err = get_s32(&q, end, &tmp);
> + err = get_s32(xdr, &tmp);
> if (err)
> return err;
> creds->cr_uid = make_kuid(&init_user_ns, tmp);
>
> /* gid */
> - err = get_s32(&q, end, &tmp);
> + err = get_s32(xdr, &tmp);
> if (err)
> return err;
> creds->cr_gid = make_kgid(&init_user_ns, tmp);
>
> /* number of additional gid's */
> - err = get_s32(&q, end, &tmp);
> + err = get_s32(xdr, &tmp);
> if (err)
> return err;
> N = tmp;
> + if ((3 + N) * sizeof(u32) != length)
> + return -EINVAL;
> creds->cr_group_info = groups_alloc(N);
> if (creds->cr_group_info == NULL)
> return -ENOMEM;
> @@ -226,7 +220,7 @@ static int gssx_dec_linux_creds(struct xdr_stream *xdr,
> /* gid's */
> for (i = 0; i < N; i++) {
> kgid_t kgid;
> - err = get_s32(&q, end, &tmp);
> + err = get_s32(xdr, &tmp);
> if (err)
> goto out_free_groups;
> err = -EINVAL;
> --
> 1.7.9.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
