Eric Lee / smarc-ti-linux-kernel

5
Download as
Browse Code ยป

Commit de3997a7eeb9ea286b15879fdf8a95aae065b4f7

Authored by J. Bruce Fields
1 parent 1406b916f4
Exists in master and in 13 other branches dlt-processor-sdk-linux-03.00.00.04, processor-sdk-linux-02.00.01, smarc-ti-linux-3.15.y, smarc-ti-lsk-linux-4.1.y, smarct3x-processor-sdk-04.01.00.06, smarct3x-processor-sdk-linux-02.00.01, smarct3x-processor-sdk-linux-03.00.00.04, smarct4x-800-processor-sdk-linux-02.00.01, smarct4x-processor-sdk-04.01.00.06, smarct4x-processor-sdk-linux-02.00.01, smarct4x-processor-sdk-linux-03.00.00.04, ti-linux-3.15.y, ti-lsk-linux-4.1.y

nfsd4: buffer-length check for SUPPATTR_EXCLCREAT 

This was an omission from 8c18f2052e756e7d5dea712fc6e7ed70c00e8a39
"nfsd41: SUPPATTR_EXCLCREAT attribute".

Cc: Benny Halevy <bhalevy@primarydata.com>
Cc: stable@vger.kernel.org
Signed-off-by: J. Bruce Fields <bfields@redhat.com>

Showing 1 changed file with 2 additions and 0 deletions Side-by-side Diff

... ... @@ -2483,6 +2483,8 @@
2483 2483 goto out;
2484 2484 }
2485 2485 if (bmval2 & FATTR4_WORD2_SUPPATTR_EXCLCREAT) {
  2486 + if ((buflen -= 16) < 0)
  2487 + goto out_resource;
2486 2488 WRITE32(3);
2487 2489 WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD0);
2488 2490 WRITE32(NFSD_SUPPATTR_EXCLCREAT_WORD1);