Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752660Ab1CKENP (ORCPT ); Thu, 10 Mar 2011 23:13:15 -0500 Received: from cn.fujitsu.com ([222.73.24.84]:61642 "EHLO song.cn.fujitsu.com" rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1751251Ab1CKENL (ORCPT ); Thu, 10 Mar 2011 23:13:11 -0500 Message-ID: <4D79A183.8090306@cn.fujitsu.com> Date: Fri, 11 Mar 2011 12:13:55 +0800 From: Mi Jinlong User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: "J. Bruce Fields" CC: roel , Neil Brown , linux-nfs@vger.kernel.org, Andrew Morton , LKML Subject: Re: [PATCH] nfsd: wrong index used in inner loop References: <4D76A06A.4090405@gmail.com> <20110309004955.GD15814@fieldses.org> In-Reply-To: <20110309004955.GD15814@fieldses.org> X-MIMETrack: Itemize by SMTP Server on mailserver/fnst(Release 8.5.1FP4|July 25, 2010) at 2011-03-11 12:11:50, Serialize by Router on mailserver/fnst(Release 8.5.1FP4|July 25, 2010) at 2011-03-11 12:11:52, Serialize complete at 2011-03-11 12:11:52 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=ISO-8859-1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2548 Lines: 93 J. Bruce Fields: > On Tue, Mar 08, 2011 at 10:32:26PM +0100, roel wrote: >> Index i was already used in the outer loop >> >> Signed-off-by: Roel Kluin >> --- >> fs/nfsd/nfs4xdr.c | 4 ++-- >> 1 files changed, 2 insertions(+), 2 deletions(-) >> >> Not 100% sure this one is needed but it looks suspicious. > > Looks bad to me, thanks. > > nfsd4_decode_create_session should probably really be broken up a little > bit; if it wasn't so long this would have been more obvious. > > I'll see if I can slip this into 2.6.38 with a couple other last-minute > patches.... Otherwise, it'll be in 2.6.39. > > --b. > >> diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c >> index 1275b86..615f0a9 100644 >> --- a/fs/nfsd/nfs4xdr.c >> +++ b/fs/nfsd/nfs4xdr.c >> @@ -1142,7 +1142,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp, >> >> u32 dummy; >> char *machine_name; >> - int i; >> + int i, j; >> int nr_secflavs; >> >> READ_BUF(16); >> @@ -1215,7 +1215,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp, >> READ_BUF(4); >> READ32(dummy); >> READ_BUF(dummy * 4); >> - for (i = 0; i < dummy; ++i) >> + for (j = 0; j < dummy; ++j) >> READ32(dummy); We must not use dummy for index here. After the first index, READ32(dummy) will change dummy!!!! The following patch fix this problem. -- thanks, Mi Jinlong ============================================================ We must not use dummy for index. After the first index, READ32(dummy) will change dummy!!!! Signed-off-by: Mi Jinlong --- fs/nfsd/nfs4xdr.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 615f0a9..8dd70d0 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -1140,7 +1140,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp, { DECODE_HEAD; - u32 dummy; + u32 dummy, tmp; char *machine_name; int i, j; int nr_secflavs; @@ -1216,7 +1216,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp, READ32(dummy); READ_BUF(dummy * 4); for (j = 0; j < dummy; ++j) - READ32(dummy); + READ32(tmp); break; case RPC_AUTH_GSS: dprintk("RPC_AUTH_GSS callback secflavor " -- 1.7.4.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/