| Message ID | 4E1E9302.4080504@cn.fujitsu.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Thu, Jul 14, 2011 at 02:56:02PM +0800, Mi Jinlong wrote: > This patch checks request's size when it consists SEQUENCE. > > v4: > delete format fixing which length exceed 80 > > v3: > remove the check about only SEQUENCE operation. > check the size immediately after find session. > modify some function's format which length exceed 80. Both applied, thanks! --b. > > Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> > --- > fs/nfsd/nfs4state.c | 12 ++++++++++++ > 1 files changed, 12 insertions(+), 0 deletions(-) > > diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c > index 72899ec..cc20587 100644 > --- a/fs/nfsd/nfs4state.c > +++ b/fs/nfsd/nfs4state.c > @@ -1763,6 +1763,14 @@ static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_sess > return args->opcnt > session->se_fchannel.maxops; > } > > +static bool nfsd4_request_too_big(struct svc_rqst *rqstp, > + struct nfsd4_session *session) > +{ > + struct xdr_buf *xb = &rqstp->rq_arg; > + > + return xb->len > session->se_fchannel.maxreq_sz; > +} > + > __be32 > nfsd4_sequence(struct svc_rqst *rqstp, > struct nfsd4_compound_state *cstate, > @@ -1795,6 +1803,10 @@ nfsd4_sequence(struct svc_rqst *rqstp, > if (nfsd4_session_too_many_ops(rqstp, session)) > goto out; > > + status = nfserr_req_too_big; > + if (nfsd4_request_too_big(rqstp, session)) > + goto out; > + > status = nfserr_badslot; > if (seq->slotid >= session->se_fchannel.maxreqs) > goto out; > -- > 1.7.5.4 > > > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index 72899ec..cc20587 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -1763,6 +1763,14 @@ static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_sess return args->opcnt > session->se_fchannel.maxops; } +static bool nfsd4_request_too_big(struct svc_rqst *rqstp, + struct nfsd4_session *session) +{ + struct xdr_buf *xb = &rqstp->rq_arg; + + return xb->len > session->se_fchannel.maxreq_sz; +} + __be32 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, @@ -1795,6 +1803,10 @@ nfsd4_sequence(struct svc_rqst *rqstp, if (nfsd4_session_too_many_ops(rqstp, session)) goto out; + status = nfserr_req_too_big; + if (nfsd4_request_too_big(rqstp, session)) + goto out; + status = nfserr_badslot; if (seq->slotid >= session->se_fchannel.maxreqs) goto out;
This patch checks request's size when it consists SEQUENCE. v4: delete format fixing which length exceed 80 v3: remove the check about only SEQUENCE operation. check the size immediately after find session. modify some function's format which length exceed 80. Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com> --- fs/nfsd/nfs4state.c | 12 ++++++++++++ 1 files changed, 12 insertions(+), 0 deletions(-)