Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

KASSERT that the returned file id length from VPTOFH is <= the 

maximum allowed value (_VFS_MAXFIDSZ).
This commit is contained in:
martin 2006-03-27 20:20:45 +00:00
parent 1adab2b4e3
commit d6d75eaf5d
4 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/kern/vfs_syscalls.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: vfs_syscalls.c,v 1.238 2006/03/01 12:38:21 yamt Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.239 2006/03/27 20:20:45 martin Exp $ */
/*
* Copyright (c) 1989, 1993
@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.238 2006/03/01 12:38:21 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.239 2006/03/27 20:20:45 martin Exp $");
#include "opt_compat_netbsd.h"
#include "opt_compat_43.h"
@ -1220,6 +1220,7 @@ sys_getfh(struct lwp *l, void *v, register_t *retval)
vput(vp);
if (error)
return (error);
KASSERT(fh.fh_fid.fid_len <= _VFS_MAXFIDSZ);
error = copyout(&fh, (caddr_t)SCARG(uap, fhp), sizeof (fh));
return (error);
}

6
sys/nfs/nfs_export.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: nfs_export.c,v 1.9 2006/01/05 12:21:00 yamt Exp $ */
/* $NetBSD: nfs_export.c,v 1.10 2006/03/27 20:20:46 martin Exp $ */
/*-
* Copyright (c) 1997, 1998, 2004, 2005 The NetBSD Foundation, Inc.
@ -82,7 +82,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: nfs_export.c,v 1.9 2006/01/05 12:21:00 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: nfs_export.c,v 1.10 2006/03/27 20:20:46 martin Exp $");
#include "opt_compat_netbsd.h"
#include "opt_inet.h"
@ -246,6 +246,7 @@ mountd_set_exports_list(const struct mountd_exports_list *mel, struct lwp *l)
error = EOPNOTSUPP;
goto out_locked;
}
KASSERT(fid.fid_len <= _VFS_MAXFIDSZ);
KASSERT(mp->mnt_op->vfs_vptofh != NULL &&
mp->mnt_op->vfs_fhtovp != NULL);
@ -738,6 +739,7 @@ setpublicfs(struct mount *mp, struct netexport *nep,
return error;
vput(rvp);
KASSERT(nfs_pub.np_handle.fh_fid.fid_len <= _VFS_MAXFIDSZ);
/*
* If an indexfile was specified, pull it in.

6
sys/nfs/nfs_nqlease.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: nfs_nqlease.c,v 1.57 2005/12/11 12:25:16 christos Exp $ */
/* $NetBSD: nfs_nqlease.c,v 1.58 2006/03/27 20:20:46 martin Exp $ */
/*
* Copyright (c) 1992, 1993
@ -49,7 +49,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: nfs_nqlease.c,v 1.57 2005/12/11 12:25:16 christos Exp $");
__KERNEL_RCSID(0, "$NetBSD: nfs_nqlease.c,v 1.58 2006/03/27 20:20:46 martin Exp $");
#include "fs_nfs.h"
#include "opt_nfs.h"
@ -210,6 +210,7 @@ nqsrv_getlease(vp, duration, flags, slp, lwp, nam, cachablep, frev, cred)
splx(s);
return (error);
}
KASSERT(fh.fh_fid.fid_len <= _VFS_MAXFIDSZ);
lpp = NQFHHASH(fh.fh_fid.fid_data);
LIST_FOREACH (lp, lpp, lc_hash) {
if (fh.fh_fsid.__fsid_val[0] == lp->lc_fsid.__fsid_val[0] &&
@ -517,6 +518,7 @@ nqsrv_send_eviction(vp, lp, slp, nam, cred, l)
memset((caddr_t)fhp, 0, sizeof(nfh));
fhp->fh_fsid = vp->v_mount->mnt_stat.f_fsidx;
VFS_VPTOFH(vp, &fhp->fh_fid);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
nfsm_srvfhtom(fhp, 1);
m = mreq;
siz = 0;

10
sys/nfs/nfs_serv.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: nfs_serv.c,v 1.101 2006/03/01 12:38:32 yamt Exp $ */
/* $NetBSD: nfs_serv.c,v 1.102 2006/03/27 20:20:46 martin Exp $ */
/*
* Copyright (c) 1989, 1993
@ -55,7 +55,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: nfs_serv.c,v 1.101 2006/03/01 12:38:32 yamt Exp $");
__KERNEL_RCSID(0, "$NetBSD: nfs_serv.c,v 1.102 2006/03/27 20:20:46 martin Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -449,6 +449,7 @@ nfsrv_lookup(nfsd, slp, lwp, mrq)
if (!error)
error = VOP_GETATTR(vp, &va, cred, lwp);
vput(vp);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
nfsm_reply(NFSX_SRVFH(v3) + NFSX_POSTOPORFATTR(v3) + NFSX_POSTOPATTR(v3));
if (error) {
nfsm_srvpostop_attr(dirattr_ret, &dirattr);
@ -1542,6 +1543,7 @@ nfsrv_create(nfsd, slp, lwp, mrq)
if (!error)
error = VOP_GETATTR(vp, &va, cred, lwp);
vput(vp);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
}
if (v3) {
if (exclusive_flag && !error) {
@ -1708,6 +1710,7 @@ out:
if (!error)
error = VOP_GETATTR(vp, &va, cred, lwp);
vput(vp);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
}
diraft_ret = VOP_GETATTR(dirp, &diraft, cred, lwp);
vrele(dirp);
@ -2254,6 +2257,7 @@ abortop:
if (!error)
error = VOP_GETATTR(nd.ni_vp, &va, cred, lwp);
vput(nd.ni_vp);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
} else {
vput(nd.ni_vp);
}
@ -2379,6 +2383,7 @@ nfsrv_mkdir(nfsd, slp, lwp, mrq)
if (!error)
error = VOP_GETATTR(vp, &va, cred, lwp);
vput(vp);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
}
out:
if (dirp) {
@ -3024,6 +3029,7 @@ again:
goto invalid;
}
vput(nvp);
KASSERT(fhp->fh_fid.fid_len <= _VFS_MAXFIDSZ);
/*
* If either the dircount or maxcount will be