Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
---
fs/nfsd/nfs3xdr.c | 41 ++++++++++++++++++++++++++++++++++++-----
1 file changed, 36 insertions(+), 5 deletions(-)
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index a74c309ad429..763bac27cfda 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -117,6 +117,40 @@ decode_filename(__be32 *p, char **namp, unsigned int *lenp)
return p;
}
+static enum xdr_decode_result
+svcxdr_decode_filename3(struct xdr_stream *xdr, char **name, unsigned int *len)
+{
+ u32 size, i;
+ __be32 *p;
+ char *c;
+
+ if (xdr_stream_decode_u32(xdr, &size) < 0)
+ return XDR_DECODE_FAILED;
+ if (size == 0 || size > NFS3_MAXNAMLEN)
+ return XDR_DECODE_FAILED;
+ p = xdr_inline_decode(xdr, size);
+ if (!p)
+ return XDR_DECODE_FAILED;
+
+ *len = size;
+ *name = (char *)p;
+ for (i = 0, c = *name; i < size; i++, c++) {
+ if (*c == '\0' || *c == '/')
+ return XDR_DECODE_FAILED;
+ }
+
+ return XDR_DECODE_DONE;
+}
+
+static enum xdr_decode_result
+svcxdr_decode_diropargs3(struct xdr_stream *xdr, struct svc_fh *fhp,
+ char **name, unsigned int *len)
+{
+ if (!svcxdr_decode_nfs_fh3(xdr, fhp))
+ return XDR_DECODE_FAILED;
+ return svcxdr_decode_filename3(xdr, name, len);
+}
+
static __be32 *
decode_sattr3(__be32 *p, struct iattr *iap, struct user_namespace *userns)
{
@@ -357,13 +391,10 @@ nfs3svc_decode_sattrargs(struct svc_rqst *rqstp, __be32 *p)
int
nfs3svc_decode_diropargs(struct svc_rqst *rqstp, __be32 *p)
{
+ struct xdr_stream *xdr = &rqstp->rq_xdr_stream;
struct nfsd3_diropargs *args = rqstp->rq_argp;
- if (!(p = decode_fh(p, &args->fh))
- || !(p = decode_filename(p, &args->name, &args->len)))
- return 0;
-
- return xdr_argsize_check(rqstp, p);
+ return svcxdr_decode_diropargs3(xdr, &args->fh, &args->name, &args->len);
}
int
