[3.13.y.z extended stable] Patch "nfsd4: buffer-length check for SUPPATTR_EXCLCREAT" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Thu May 1 19:17:26 UTC 2014


This is a note to let you know that I have just added a patch titled

    nfsd4: buffer-length check for SUPPATTR_EXCLCREAT

to the linux-3.13.y-queue branch of the 3.13.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.13.y-queue

This patch is scheduled to be released in version 3.13.11.1.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.13.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From d5313c52abc5c3ef9b4147cb50c8c976fe48a9be Mon Sep 17 00:00:00 2001
From: "J. Bruce Fields" <bfields at redhat.com>
Date: Tue, 28 Jan 2014 16:05:15 -0500
Subject: nfsd4: buffer-length check for SUPPATTR_EXCLCREAT

commit de3997a7eeb9ea286b15879fdf8a95aae065b4f7 upstream.

This was an omission from 8c18f2052e756e7d5dea712fc6e7ed70c00e8a39
"nfsd41: SUPPATTR_EXCLCREAT attribute".

Cc: Benny Halevy <bhalevy at primarydata.com>
Signed-off-by: J. Bruce Fields <bfields at redhat.com>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 fs/nfsd/nfs4xdr.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index ee7237f..86d8011 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -2517,6 +2517,8 @@ out_acl:
 			goto out;
 	}
 	if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) {
+		if ((buflen -= 16) < 0)
+			goto out_resource;
 		WRITE32(3);
 		WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD0);
 		WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD1);
--
1.9.1





More information about the kernel-team mailing list