Replace the check for buffer over/underflow with a helper that is
commonly used for this purpose. The helper also sets xdr->nwords
correctly after successfully linearizing the symlink argument into
the stream's scratch buffer.
Signed-off-by: Chuck Lever <[email protected]>
---
fs/nfsd/nfs3xdr.c | 14 +++-----------
1 file changed, 3 insertions(+), 11 deletions(-)
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index 0293b8d65f10..71e32cf28885 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -616,8 +616,6 @@ nfs3svc_decode_symlinkargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
{
struct nfsd3_symlinkargs *args = rqstp->rq_argp;
struct kvec *head = rqstp->rq_arg.head;
- struct kvec *tail = rqstp->rq_arg.tail;
- size_t remaining;
if (!svcxdr_decode_diropargs3(xdr, &args->ffh, &args->fname, &args->flen))
return false;
@@ -626,16 +624,10 @@ nfs3svc_decode_symlinkargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
if (xdr_stream_decode_u32(xdr, &args->tlen) < 0)
return false;
- /* request sanity */
- remaining = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len;
- remaining -= xdr_stream_pos(xdr);
- if (remaining < xdr_align_size(args->tlen))
- return false;
-
- args->first.iov_base = xdr->p;
+ /* symlink_data */
args->first.iov_len = head->iov_len - xdr_stream_pos(xdr);
-
- return true;
+ args->first.iov_base = xdr_inline_decode(xdr, args->tlen);
+ return args->first.iov_base != NULL;
}
bool
On Sun, 2022-08-28 at 14:50 -0400, Chuck Lever wrote:
> Replace the check for buffer over/underflow with a helper that is
> commonly used for this purpose. The helper also sets xdr->nwords
> correctly after successfully linearizing the symlink argument into
> the stream's scratch buffer.
>
> Signed-off-by: Chuck Lever <[email protected]>
> ---
> fs/nfsd/nfs3xdr.c | 14 +++-----------
> 1 file changed, 3 insertions(+), 11 deletions(-)
>
> diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
> index 0293b8d65f10..71e32cf28885 100644
> --- a/fs/nfsd/nfs3xdr.c
> +++ b/fs/nfsd/nfs3xdr.c
> @@ -616,8 +616,6 @@ nfs3svc_decode_symlinkargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
> {
> struct nfsd3_symlinkargs *args = rqstp->rq_argp;
> struct kvec *head = rqstp->rq_arg.head;
> - struct kvec *tail = rqstp->rq_arg.tail;
> - size_t remaining;
>
> if (!svcxdr_decode_diropargs3(xdr, &args->ffh, &args->fname, &args->flen))
> return false;
> @@ -626,16 +624,10 @@ nfs3svc_decode_symlinkargs(struct svc_rqst *rqstp, struct xdr_stream *xdr)
> if (xdr_stream_decode_u32(xdr, &args->tlen) < 0)
> return false;
>
> - /* request sanity */
> - remaining = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len;
> - remaining -= xdr_stream_pos(xdr);
> - if (remaining < xdr_align_size(args->tlen))
> - return false;
> -
> - args->first.iov_base = xdr->p;
> + /* symlink_data */
> args->first.iov_len = head->iov_len - xdr_stream_pos(xdr);
> -
> - return true;
> + args->first.iov_base = xdr_inline_decode(xdr, args->tlen);
> + return args->first.iov_base != NULL;
> }
>
> bool
>
>
Reviewed-by: Jeff Layton <[email protected]>