Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756595Ab3I2Teg (ORCPT ); Sun, 29 Sep 2013 15:34:36 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:59858 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756165Ab3I2T3s (ORCPT ); Sun, 29 Sep 2013 15:29:48 -0400 From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Simo Sorce , "J. Bruce Fields" Subject: [ 65/71] rpc: clean up decoding of gssproxy linux creds Date: Sun, 29 Sep 2013 12:28:17 -0700 Message-Id: <20130929192647.973238665@linuxfoundation.org> X-Mailer: git-send-email 1.8.4.6.g82e253f.dirty In-Reply-To: <20130929192643.539596256@linuxfoundation.org> References: <20130929192643.539596256@linuxfoundation.org> User-Agent: quilt/0.60-1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3028 Lines: 114 3.11-stable review patch. If anyone has any objections, please let me know. ------------------ From: "J. Bruce Fields" commit 778e512bb1d3315c6b55832248cd30c566c081d7 upstream. We can use the normal coding infrastructure here. Two minor behavior changes: - we're assuming no wasted space at the end of the linux cred. That seems to match gss-proxy's behavior, and I can't see why it would need to do differently in the future. - NGROUPS_MAX check added: note groups_alloc doesn't do this, this is the caller's responsibility. Tested-by: Simo Sorce Signed-off-by: J. Bruce Fields Signed-off-by: Greg Kroah-Hartman --- net/sunrpc/auth_gss/gss_rpc_xdr.c | 32 +++++++++++++------------------- 1 file changed, 13 insertions(+), 19 deletions(-) --- a/net/sunrpc/auth_gss/gss_rpc_xdr.c +++ b/net/sunrpc/auth_gss/gss_rpc_xdr.c @@ -166,14 +166,14 @@ static int dummy_dec_opt_array(struct xd return 0; } -static int get_s32(void **p, void *max, s32 *res) +static int get_s32(struct xdr_stream *xdr, s32 *res) { - void *base = *p; - void *next = (void *)((char *)base + sizeof(s32)); - if (unlikely(next > max || next < base)) + __be32 *p; + + p = xdr_inline_decode(xdr, 4); + if (!p) return -EINVAL; - memcpy(res, base, sizeof(s32)); - *p = next; + memcpy(res, p, sizeof(s32)); return 0; } @@ -182,7 +182,6 @@ static int gssx_dec_linux_creds(struct x { u32 length; __be32 *p; - void *q, *end; s32 tmp; int N, i, err; @@ -192,33 +191,28 @@ static int gssx_dec_linux_creds(struct x length = be32_to_cpup(p); - /* FIXME: we do not want to use the scratch buffer for this one - * may need to use functions that allows us to access an io vector - * directly */ - p = xdr_inline_decode(xdr, length); - if (unlikely(p == NULL)) + if (length > (3 + NGROUPS_MAX) * sizeof(u32)) return -ENOSPC; - q = p; - end = q + length; - /* uid */ - err = get_s32(&q, end, &tmp); + err = get_s32(xdr, &tmp); if (err) return err; creds->cr_uid = make_kuid(&init_user_ns, tmp); /* gid */ - err = get_s32(&q, end, &tmp); + err = get_s32(xdr, &tmp); if (err) return err; creds->cr_gid = make_kgid(&init_user_ns, tmp); /* number of additional gid's */ - err = get_s32(&q, end, &tmp); + err = get_s32(xdr, &tmp); if (err) return err; N = tmp; + if ((3 + N) * sizeof(u32) != length) + return -EINVAL; creds->cr_group_info = groups_alloc(N); if (creds->cr_group_info == NULL) return -ENOMEM; @@ -226,7 +220,7 @@ static int gssx_dec_linux_creds(struct x /* gid's */ for (i = 0; i < N; i++) { kgid_t kgid; - err = get_s32(&q, end, &tmp); + err = get_s32(xdr, &tmp); if (err) goto out_free_groups; err = -EINVAL; -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/