From patchwork Thu Apr 20 02:15:27 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: NeilBrown <neilb@suse.com>
X-Patchwork-Id: 9689251
Return-Path: <linux-nfs-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	6CD046037F for <patchwork-linux-nfs@patchwork.kernel.org>;
	Thu, 20 Apr 2017 02:15:36 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5EF6328402
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Thu, 20 Apr 2017 02:15:36 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 5357B28448; Thu, 20 Apr 2017 02:15:36 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_TVD_MIME_EPI autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BFD1328402
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Thu, 20 Apr 2017 02:15:35 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S937364AbdDTCPf (ORCPT
	<rfc822;patchwork-linux-nfs@patchwork.kernel.org>);
	Wed, 19 Apr 2017 22:15:35 -0400
Received: from mx2.suse.de ([195.135.220.15]:42905 "EHLO mx1.suse.de"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S937362AbdDTCPe (ORCPT <rfc822;linux-nfs@vger.kernel.org>);
	Wed, 19 Apr 2017 22:15:34 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254])
	by mx1.suse.de (Postfix) with ESMTP id 3A88DAAB4;
	Thu, 20 Apr 2017 02:15:33 +0000 (UTC)
From: NeilBrown <neilb@suse.com>
To: Trond Myklebust <trond.myklebust@primarydata.com>
Date: Thu, 20 Apr 2017 12:15:27 +1000
Cc: Linux NFS Mailing List <linux-nfs@vger.kernel.org>
Subject: [PATCH] sunrpc: set cl_nodelen correctly when nodename truncated.
Message-ID: <87r30nsu2o.fsf@notabene.neil.brown.name>
MIME-Version: 1.0
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

rpc_clnt_set_nodename() appears to assume that the return
value from strlcpy() is the size of the copied string.  It
is not.  It is the size of the string that strlcpy() was
asked to copy.  If truncation happened, the return value
will be longer than the buffer.

So we need to compare the returned value with the buffer size-1
and record the smaller of the two.

Signed-off-by: NeilBrown <neilb@suse.com>
---
 net/sunrpc/clnt.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index b5cb921775a0..b62ab1a7bb98 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -287,6 +287,9 @@ static void rpc_clnt_set_nodename(struct rpc_clnt *clnt, const char *nodename)
 {
 	clnt->cl_nodelen = strlcpy(clnt->cl_nodename,
 			nodename, sizeof(clnt->cl_nodename));
+	if (clnt->cl_nodelen >= sizeof(clnt->cl_nodename))
+		/* nodename was truncated... */
+		clnt->cl_nodelen = sizeof(clnt->cl_nodelen) - 1;
 }
 
 static int rpc_client_register(struct rpc_clnt *clnt,