kernel-hacking-2024-linux-s.../fs/nfs
Sachin Prabhu 5a00689930 Avoid reading past buffer when calling GETACL
Bug noticed in commit bf118a342f

When calling GETACL, if the size of the bitmap array, the length
attribute and the acl returned by the server is greater than the
allocated buffer (args.acl_len), we can Oops with a General Protection
fault at _copy_from_pages() when we attempt to read past the pages
allocated.

This patch allocates an extra PAGE for the bitmap and checks to see that
the bitmap + attribute_length + ACLs don't exceed the buffer space
allocated to it.

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reported-by: Jian Li <jiali@redhat.com>
[Trond: Fixed a size_t vs unsigned int printk() warning]
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2012-04-27 13:15:07 -04:00
blocklayout fix page number calculation bug for block layout decode buffer 2012-04-26 12:23:23 -04:00
objlayout pnfs-obj: Remove unused variable from objlayout_get_deviceinfo() 2012-04-26 12:15:51 -04:00
cache_lib.c NFS: remove RPC PipeFS mount point references from NFS cache routines 2012-01-31 18:20:26 -05:00
cache_lib.h NFS: DNS resolver PipeFS notifier introduced 2012-01-31 18:20:26 -05:00
callback.c NFS: Fix a number of sparse warnings 2012-03-11 15:14:16 -04:00
callback.h NFSv4.1: Convert slotid from u8 to u32 2012-02-15 00:19:43 -05:00
callback_proc.c NFSv4: Further clean-ups of delegation stateid validation 2012-03-06 10:32:44 -05:00
callback_xdr.c NFSv4: Rate limit the state manager warning messages 2012-03-12 18:15:22 -04:00
client.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
delegation.c NFS: Fix a number of sparse warnings 2012-03-11 15:14:16 -04:00
delegation.h NFSv4.0: Re-establish the callback channel on NFS4ERR_CB_PATHDOWN 2012-03-10 11:54:36 -05:00
dir.c NFSv4: Fix open(O_TRUNC) and ftruncate() error handling 2012-04-19 13:23:09 -04:00
direct.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
dns_resolve.c NFS: Fix a number of sparse warnings 2012-03-11 15:14:16 -04:00
dns_resolve.h NFS: DNS resolver cache per network namespace context introduced 2012-01-31 18:20:26 -05:00
file.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
fscache-index.c
fscache.c NFS: Fix more NFS debug related build warnings 2012-03-21 09:31:44 -04:00
fscache.h
getroot.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
idmap.c NFS client updates for Linux 3.4 2012-03-23 08:53:47 -07:00
inode.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
internal.h NFSv4.1: Clean ups and bugfixes for the pNFS read/writeback/commit code 2012-03-17 11:09:33 -04:00
iostat.h
Kconfig SUNRPC/NFS: Add Kbuild dependencies for NFS_DEBUG/RPC_DEBUG 2012-03-20 13:08:26 -04:00
Makefile
mount_clnt.c SUNRPC/NFS: Add Kbuild dependencies for NFS_DEBUG/RPC_DEBUG 2012-03-20 13:08:26 -04:00
namespace.c nfs: Clean up debugging in nfs_follow_mountpoint() 2012-02-16 15:05:16 -05:00
netns.h NFS: replace global bl_wq with per-net one 2012-03-11 10:57:35 -04:00
nfs2xdr.c SUNRPC: constify the rpc_program 2012-01-31 19:28:20 -05:00
nfs3acl.c NFS: Fix a number of sparse warnings 2012-03-11 15:14:16 -04:00
nfs3proc.c NFS: Remove nfs4_setup_sequence from generic rename code 2012-03-21 09:31:46 -04:00
nfs3xdr.c SUNRPC: constify the rpc_program 2012-01-31 19:28:20 -05:00
nfs4_fs.h NFSv4: Ensure we do not reuse open owner names 2012-04-20 23:14:28 -04:00
nfs4filelayout.c NFS4.1: remove duplicate variable declaration in filelayout_clear_request_commit 2012-03-24 14:33:26 -04:00
nfs4filelayout.h NFS: remove nfs_inode radix tree 2012-03-10 17:14:10 -05:00
nfs4filelayoutdev.c NFSv4.1 fix page number calculation bug for filelayout decode buffers 2012-04-26 12:23:23 -04:00
nfs4namespace.c nfs4: fix referrals on mounts that use IPv6 addrs 2012-04-26 12:11:29 -04:00
nfs4proc.c Avoid reading past buffer when calling GETACL 2012-04-27 13:15:07 -04:00
nfs4renewd.c
nfs4state.c NFSv4: Keep dropped state owners on the LRU list for a while 2012-04-21 13:01:00 -04:00
nfs4xdr.c Avoid reading past buffer when calling GETACL 2012-04-27 13:15:07 -04:00
nfsroot.c SUNRPC/NFS: Add Kbuild dependencies for NFS_DEBUG/RPC_DEBUG 2012-03-20 13:08:26 -04:00
pagelist.c NFS: remove nfs_inode radix tree 2012-03-10 17:14:10 -05:00
pnfs.c NFSv4.1 fix page number calculation bug for filelayout decode buffers 2012-04-26 12:23:23 -04:00
pnfs.h NFS: Fix more NFS debug related build warnings 2012-03-21 09:31:44 -04:00
pnfs_dev.c NFS: Fix more NFS debug related build warnings 2012-03-21 09:31:44 -04:00
proc.c NFS: Remove nfs4_setup_sequence from generic rename code 2012-03-21 09:31:46 -04:00
read.c NFS: put open context on error in nfs_pagein_multi 2012-04-20 14:54:48 -04:00
super.c nfs: Enclose hostname in brackets when needed in nfs_do_root_mount 2012-04-20 17:59:01 -04:00
symlink.c
sysctl.c NFS: Fall back on old idmapper if request_key() fails 2012-02-06 18:48:01 -05:00
unlink.c NFS: Remove nfs4_setup_sequence from generic rename code 2012-03-21 09:31:46 -04:00
write.c NFS: put open context on error in nfs_flush_multi 2012-04-20 14:57:30 -04:00