Skip to content

L
linux
Commit 8a891633 authored by Kinglong Mee's avatar Kinglong Mee Committed by J. Bruce Fields
Browse files
Options

NFSD: fix bad length checking for backchannel 

the length for backchannel checking should be multiplied by sizeof(__be32).
Signed-off-by: default avatarKinglong Mee <kinglongmee@gmail.com>
Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent f403e450
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 2 deletions
fs/nfsd/nfs4state.c
View file @ 8a891633
......@@ -1853,6 +1853,11 @@ static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfs
return nfs_ok;
}
#define NFSD_CB_MAX_REQ_SZ ((NFS4_enc_cb_recall_sz + \
RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32))
#define NFSD_CB_MAX_RESP_SZ ((NFS4_dec_cb_recall_sz + \
RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32))
static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
{
ca->headerpadsz = 0;
......@@ -1863,9 +1868,9 @@ static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
* less than 1k. Tighten up this estimate in the unlikely event
* it turns out to be a problem for some client:
*/
if (ca->maxreq_sz < NFS4_enc_cb_recall_sz + RPC_MAX_HEADER_WITH_AUTH)
if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
return nfserr_toosmall;
if (ca->maxresp_sz < NFS4_dec_cb_recall_sz + RPC_MAX_REPHEADER_WITH_AUTH)
if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
return nfserr_toosmall;
ca->maxresp_cached = 0;
if (ca->maxops < 2)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7