Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from mail-dm3nam03on0116.outbound.protection.outlook.com ([104.47.41.116]:19872
        "EHLO NAM03-DM3-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S934943AbeE2N5J (ORCPT <rfc822;linux-nfs@vger.kernel.org>);
        Tue, 29 May 2018 09:57:09 -0400
From: Trond Myklebust <trondmy@hammerspace.com>
To: "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
        "dwysocha@redhat.com" <dwysocha@redhat.com>
Subject: Re: [PATCH] Fix possible stack smash in
 nfs_idmap_read_and_verify_message
Date: Tue, 29 May 2018 13:57:06 +0000
Message-ID: <fe2f25a758f2cfdef2910e9e16b87398541ab5fa.camel@hammerspace.com>
References: <20180417201118.17841-1-dwysocha@redhat.com>
         <1526389606.3803.4.camel@redhat.com>
         <da9db571bbeb0e4e341859ab7cd160b9f0e5c0c7.camel@hammerspace.com>
         <1526399086.3803.19.camel@redhat.com>
In-Reply-To: <1526399086.3803.19.camel@redhat.com>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Sender: linux-nfs-owner@vger.kernel.org
List-ID: <linux-nfs.vger.kernel.org>

T24gVHVlLCAyMDE4LTA1LTE1IGF0IDExOjQ0IC0wNDAwLCBEYXZpZCBXeXNvY2hhbnNraSB3cm90
ZToNCj4gT24gVHVlLCAyMDE4LTA1LTE1IGF0IDEzOjU5ICswMDAwLCBUcm9uZCBNeWtsZWJ1c3Qg
d3JvdGU6DQo+ID4gT24gVHVlLCAyMDE4LTA1LTE1IGF0IDA5OjA2IC0wNDAwLCBEYXZpZCBXeXNv
Y2hhbnNraSB3cm90ZToNCj4gPiA+IE9uIFR1ZSwgMjAxOC0wNC0xNyBhdCAxNjoxMSAtMDQwMCwg
RGF2ZSBXeXNvY2hhbnNraSB3cm90ZToNCj4gPiA+ID4gSW4gbmZzX2lkbWFwX3JlYWRfYW5kX3Zl
cmlmeV9tZXNzYWdlIHRoZXJlIGlzIGFuIHVucHJvdGVjdGVkDQo+ID4gPiA+IHNwcmludGYNCj4g
PiA+ID4gdGhhdCBjb252ZXJ0cyB0aGUgX191MzIgJ2ltX2lkJyBmcm9tIHN0cnVjdCBpZG1hcF9t
c2cgdG8NCj4gPiA+ID4gJ2lkX3N0cicNCj4gPiA+ID4gdGhhdCBpcyBhIHN0YWNrIHZhcmlhYmxl
IG9mICdORlNfVUlOVF9NQVhMRU4nIChkZWZpbmVkIGFzIDExKS4NCj4gPiA+ID4gSWYgYSB1aWQg
b3IgZ2lkIHZhbHVlIGlzID4gMjE0NzQ4MzY0NyA9IDB4N2ZmZmZmZmYgd2UgY29ycnVwdA0KPiA+
ID4gPiBrZXJuZWwgbWVtb3J5IGJ5IG9uZSBieXRlIGFuZCBpZg0KPiA+ID4gPiBDT05GSUdfQ0Nf
U1RBQ0tQUk9URUNUT1JfU1RST05HDQo+ID4gPiA+IGlzIHNldCB3ZSBzZWUgYSBzdGFjay1wcm90
ZWN0b3IgcGFuaWMgYXMgZm9sbG93czoNCj4gPiA+ID4gDQo+ID4gPiA+IFsxMTU1ODA1My42MTY1
NjVdIEtlcm5lbCBwYW5pYyAtIG5vdCBzeW5jaW5nOiBzdGFjay1wcm90ZWN0b3I6DQo+ID4gPiA+
IEtlcm5lbCBzdGFjayBpcyBjb3JydXB0ZWQgaW46IGZmZmZmZmZmYTA1YjhhOGMNCj4gPiA+ID4g
DQo+ID4gPiA+IFsxMTU1ODA1My42MzkwNjNdIENQVTogNiBQSUQ6IDk0MjMgQ29tbTogcnBjLmlk
bWFwZCBUYWludGVkOg0KPiA+ID4gPiBHICAgICAgICBXICAgICAgLS0tLS0tLS0tLS0tIFQgMy4x
MC4wLTUxNC5lbDcueDg2XzY0ICMxDQo+ID4gPiA+IFsxMTU1ODA1My42NDE5OTBdIEhhcmR3YXJl
IG5hbWU6IFJlZCBIYXQgT3BlblN0YWNrIENvbXB1dGUsDQo+ID4gPiA+IEJJT1MNCj4gPiA+ID4g
MS4xMC4yLTMuZWw3XzQuMSAwNC8wMS8yMDE0DQo+ID4gPiA+IFsxMTU1ODA1My42NDQ0NjJdICBm
ZmZmZmZmZjgxOGM3YmMwIDAwMDAwMDAwYjFmM2FlYzENCj4gPiA+ID4gZmZmZjg4MGRlMGY5YmQ0
OCBmZmZmZmZmZjgxNjg1ZWFjDQo+ID4gPiA+IFsxMTU1ODA1My42NDY0MzBdICBmZmZmODgwZGUw
ZjliZGM4IGZmZmZmZmZmODE2N2YyYjMNCj4gPiA+ID4gZmZmZmZmZmYwMDAwMDAxMCBmZmZmODgw
ZGUwZjliZGQ4DQo+ID4gPiA+IFsxMTU1ODA1My42NDgzMTNdICBmZmZmODgwZGUwZjliZDc4IDAw
MDAwMDAwYjFmM2FlYzENCj4gPiA+ID4gZmZmZmZmZmY4MTFkY2IwMyBmZmZmZmZmZmEwNWI4YThj
DQo+ID4gPiA+IFsxMTU1ODA1My42NTAxMDddIENhbGwgVHJhY2U6DQo+ID4gPiA+IFsxMTU1ODA1
My42NTEzNDddICBbPGZmZmZmZmZmODE2ODVlYWM+XSBkdW1wX3N0YWNrKzB4MTkvMHgxYg0KPiA+
ID4gPiBbMTE1NTgwNTMuNjUzMDEzXSAgWzxmZmZmZmZmZjgxNjdmMmIzPl0gcGFuaWMrMHhlMy8w
eDFmMg0KPiA+ID4gPiBbMTE1NTgwNTMuNjY2MjQwXSAgWzxmZmZmZmZmZjgxMWRjYjAzPl0gPyBr
ZnJlZSsweDEwMy8weDE0MA0KPiA+ID4gPiBbMTE1NTgwNTMuNjgyNTg5XSAgWzxmZmZmZmZmZmEw
NWI4YThjPl0gPw0KPiA+ID4gPiBpZG1hcF9waXBlX2Rvd25jYWxsKzB4MWNjLzB4MWUwIFtuZnN2
NF0NCj4gPiA+ID4gWzExNTU4MDUzLjY4OTcxMF0gIFs8ZmZmZmZmZmY4MTA4NTVkYj5dDQo+ID4g
PiA+IF9fc3RhY2tfY2hrX2ZhaWwrMHgxYi8weDMwDQo+ID4gPiA+IFsxMTU1ODA1My42OTE2MTld
ICBbPGZmZmZmZmZmYTA1YjhhOGM+XQ0KPiA+ID4gPiBpZG1hcF9waXBlX2Rvd25jYWxsKzB4MWNj
LzB4MWUwIFtuZnN2NF0NCj4gPiA+ID4gWzExNTU4MDUzLjY5Mzg2N10gIFs8ZmZmZmZmZmZhMDAy
MDlkNj5dDQo+ID4gPiA+IHJwY19waXBlX3dyaXRlKzB4NTYvMHg3MA0KPiA+ID4gPiBbc3VucnBj
XQ0KPiA+ID4gPiBbMTE1NTgwNTMuNjk1NzYzXSAgWzxmZmZmZmZmZjgxMWZlMTJkPl0gdmZzX3dy
aXRlKzB4YmQvMHgxZTANCj4gPiA+ID4gWzExNTU4MDUzLjcwMjIzNl0gIFs8ZmZmZmZmZmY4MTBh
Y2NjYz5dID8NCj4gPiA+ID4gdGFza193b3JrX3J1bisweGFjLzB4ZTANCj4gPiA+ID4gWzExNTU4
MDUzLjcwNDIxNV0gIFs8ZmZmZmZmZmY4MTFmZWM0Zj5dIFN5U193cml0ZSsweDdmLzB4ZTANCj4g
PiA+ID4gWzExNTU4MDUzLjcwOTY3NF0gIFs8ZmZmZmZmZmY4MTY5NjRjOT5dDQo+ID4gPiA+IHN5
c3RlbV9jYWxsX2Zhc3RwYXRoKzB4MTYvMHgxYg0KPiA+ID4gPiANCj4gPiA+ID4gRml4IHRoaXMg
Ynkgc25wcmludGYgYW5kIGEgc2FmZSBsZW5ndGggYmFzZWQgb24gc2l6ZW9mKGlkX3N0cikuDQo+
ID4gPiA+IA0KPiA+ID4gPiBTaWduZWQtb2ZmLWJ5OiBEYXZlIFd5c29jaGFuc2tpIDxkd3lzb2No
YUByZWRoYXQuY29tPg0KPiA+ID4gPiBSZXBvcnRlZC1ieTogU3RlcGhlbiBKb2huc3RvbiA8c2pv
aG5zdG9AcmVkaGF0LmNvbT4NCj4gPiA+ID4gLS0tDQo+ID4gPiA+ICBmcy9uZnMvbmZzNGlkbWFw
LmMgfCAyICstDQo+ID4gPiA+ICAxIGZpbGUgY2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVs
ZXRpb24oLSkNCj4gPiA+ID4gDQo+ID4gPiA+IGRpZmYgLS1naXQgYS9mcy9uZnMvbmZzNGlkbWFw
LmMgYi9mcy9uZnMvbmZzNGlkbWFwLmMNCj4gPiA+ID4gaW5kZXggMjJkYzMwYTY3OWEwLi5hOGM2
NjNmOGRkOTkgMTAwNjQ0DQo+ID4gPiA+IC0tLSBhL2ZzL25mcy9uZnM0aWRtYXAuYw0KPiA+ID4g
PiArKysgYi9mcy9uZnMvbmZzNGlkbWFwLmMNCj4gPiA+ID4gQEAgLTYyNyw3ICs2MjcsNyBAQCBz
dGF0aWMgaW50DQo+ID4gPiA+IG5mc19pZG1hcF9yZWFkX2FuZF92ZXJpZnlfbWVzc2FnZShzdHJ1
Y3QgaWRtYXBfbXNnICppbSwNCj4gPiA+ID4gIAkJaWYgKHN0cmNtcCh1cGNhbGwtPmltX25hbWUs
IGltLT5pbV9uYW1lKSAhPSAwKQ0KPiA+ID4gPiAgCQkJYnJlYWs7DQo+ID4gPiA+ICAJCS8qIE5v
dGU6IGhlcmUgd2Ugc3RvcmUgdGhlIE5VTCB0ZXJtaW5hdG9yIHRvbw0KPiA+ID4gPiAqLw0KPiA+
ID4gPiAtCQlsZW4gPSBzcHJpbnRmKGlkX3N0ciwgIiVkIiwgaW0tPmltX2lkKSArIDE7DQo+ID4g
PiA+ICsJCWxlbiA9IHNucHJpbnRmKGlkX3N0ciwgc2l6ZW9mKGlkX3N0ciksICIldSIsDQo+ID4g
PiA+IGltLQ0KPiA+ID4gPiA+IGltX2lkKSArIDE7DQo+ID4gPiA+IA0KPiA+ID4gPiAgCQlyZXQg
PSBuZnNfaWRtYXBfaW5zdGFudGlhdGUoa2V5LCBhdXRoa2V5LA0KPiA+ID4gPiBpZF9zdHIsDQo+
ID4gPiA+IGxlbik7DQo+ID4gPiA+ICAJCWJyZWFrOw0KPiA+ID4gPiAgCWNhc2UgSURNQVBfQ09O
Vl9JRFRPTkFNRToNCj4gPiA+IA0KPiA+ID4gDQo+ID4gPiBJIGRpZCBub3Qgc2VlIGFueSByZXBs
eSB0byB0aGlzIGFuZCB3ZSBkaWQgaGF2ZSBvbmUgY3VzdG9tZXIgaGl0DQo+ID4gPiB0aGlzDQo+
ID4gPiB3aGljaCBjYXVzZWQgYSBjb25zaWRlcmFibGUgb3V0YWdlIG9mIG1hbnkgbWFjaGluZXMu
ICBJbiBlc3NlbmNlDQo+ID4gPiBvbmNlDQo+ID4gPiB0aGlzIGhhcHBlbmVkLCBpdCBiZWNhbWUg
YSBEb1Mgb24gYWxsIG1hY2hpbmVzIHVzaW5nIGlkbWFwcGluZw0KPiA+ID4gYW5kDQo+ID4gPiB0
aGV5DQo+ID4gPiBpbXBsZW1lbnRlZCBhIHRlbXBvcmFyeSB3b3JrYXJvdW5kLg0KPiA+ID4gDQo+
ID4gPiBBbm5hIC8gVHJvbmQgLSBpZiB5b3UgbmVlZCBtZSB0byBpbXByb3ZlIHRoZSBwYXRjaCBo
ZWFkZXIgb3Igd2FudA0KPiA+ID4gY2xhcmlmaWNhdGlvbiBvciBzZWUgYSBwcm9ibGVtIHdpdGgg
aXQsIHBsZWFzZSBsZXQgbWUga25vdy4NCj4gPiA+IA0KPiA+IA0KPiA+IElmIHRoZSB2YWx1ZSBv
ZiBORlNfVUlOVF9NQVhMRU4gaXMgdG9vIHNtYWxsLCB0aGVuIHNob3VsZG4ndCB3ZSBiZQ0KPiA+
IGluY3JlYXNpbmcgaXQ/IFRoYXQgd291bGQgYXBwZWFyIHRvIGJlIHRoZSByZWFsIGJ1ZyBoZXJl
Lg0KPiA+IA0KPiANCj4gU29ycnkgdGhlIHBhdGNoIGhlYWRlciBkb2Vzbid0IGV4cGxhaW4gaXQg
d2VsbC4gIFRoZSAlZCB1c2FnZSB3aXRoIGENCj4gX191MzIgaXMgdGhlIHByb2JsZW0uICBJZiB3
ZSBnZXQgYSBsYXJnZSBlbm91Z2ggdmFsdWUsIHRoZSAnLScgc2lnbg0KPiBtYWtlcyBpdCBhIGJ1
ZmZlciBvdmVyZmxvdyBhbmQgdGhlIE5VTEwgb3ZlcndyaXRlcyBvbmUgYnl0ZSBvbiB0aGUNCj4g
c3RhY2suDQo+IA0KPiBFeGFtcGxlcw0KPiBjcmFzaD4gcCAodW5zaWduZWQpICgweDgwMDAwMDAw
KQ0KPiAkMSA9IDIxNDc0ODM2NDgNCj4gY3Jhc2g+IHAgKHNpZ25lZCkgKDB4ODAwMDAwMDApDQo+
ICQyID0gLTIxNDc0ODM2NDgNCj4gDQo+IFNvIHRoZSB1bnNpZ25lZCBtYXggdmFsdWUgdXNlcyAx
MCBieXRlcyBwbHVzIGEgTlVMTCwgaGVuY2UNCj4gTkZTX1VJTlRfTUFYTEVOIG9mIDExLg0KPiAN
Cj4gDQo+ID4gSSBkbyBhZ3JlZSB0aGF0IHRoZSAiJWQiIHNob3VsZCBiZSBjaGFuZ2VkIHRvICIl
dSIsIHRob3VnaC4gSXNuJ3QNCj4gPiB0aGF0DQo+ID4gc3VmZmljaWVudCB0byBtYWtlIHRoZSBi
dWZmZXIgbGFyZ2UgZW5vdWdoPw0KPiA+IA0KPiA+IA0KPiANCj4gWWVzIHlvdSBjb3VsZCBqdXN0
IGNoYW5nZSB0aGUgJWQgdG8gJXUgaW4gdGhlIHNwcmludGYsIGJ1dCB0aGUgcmVzdA0KPiBvZg0K
PiB0aGUgY29kZSB1c2VzIHNucHJpbnRmIHNvIHRoYXQncyB3aHkgSSBjaG9zZSBpdC4NCj4gDQo+
IEknbGwgYWxzbyBub3RlIHRoZXJlIGlzIG5mc19tYXBfbnVtZXJpY190b19zdHJpbmcoKSB0aGF0
IGlzIGNhbGxlZA0KPiBmcm9tDQo+IG90aGVyIGxvY2F0aW9ucywgYW5kIHdlIGNvdWxkIGNhbGwg
ZnJvbSBoZXJlIGFzIHdlbGwgZm9yIGNvbnNpc3RlbmN5Og0KPiBzdGF0aWMgaW50IG5mc19tYXBf
bnVtZXJpY190b19zdHJpbmcoX191MzIgaWQsIGNoYXIgKmJ1Ziwgc2l6ZV90DQo+IGJ1ZmxlbikN
Cj4gew0KPiAJcmV0dXJuIHNucHJpbnRmKGJ1ZiwgYnVmbGVuLCAiJXUiLCBpZCk7DQo+IH0NCj4g
DQo+IA0KPiBJZiB5b3Ugd2FudCwgSSBjb3VsZCBzdWJtaXQgYSB2MiBwYXRjaCB3aXRoIGFuIGlt
cHJvdmVkIGhlYWRlciBhbmQNCj4gdGhpczoNCj4gDQo+IGRpZmYgLS1naXQgYS9mcy9uZnMvbmZz
NGlkbWFwLmMgYi9mcy9uZnMvbmZzNGlkbWFwLmMNCj4gaW5kZXggMjJkYzMwYS4uNzc5NDExZTAg
MTAwNjQ0DQo+IC0tLSBhL2ZzL25mcy9uZnM0aWRtYXAuYw0KPiArKysgYi9mcy9uZnMvbmZzNGlk
bWFwLmMNCj4gQEAgLTM0Myw3ICszNDMsNyBAQCBzdGF0aWMgc3NpemVfdCBuZnNfaWRtYXBfbG9v
a3VwX25hbWUoX191MzIgaWQsDQo+IGNvbnN0IGNoYXIgKnR5cGUsIGNoYXIgKmJ1ZiwNCj4gICAg
ICAgICBpbnQgaWRfbGVuOw0KPiAgICAgICAgIHNzaXplX3QgcmV0Ow0KPiAgDQo+IC0gICAgICAg
aWRfbGVuID0gc25wcmludGYoaWRfc3RyLCBzaXplb2YoaWRfc3RyKSwgIiV1IiwgaWQpOw0KPiAr
ICAgICAgIGlkX2xlbiA9IG5mc19tYXBfbnVtZXJpY190b19zdHJpbmcoaWQsIGlkX3N0ciwNCj4g
c2l6ZW9mKGlkX3N0cikpOw0KPiAgICAgICAgIHJldCA9IG5mc19pZG1hcF9nZXRfa2V5KGlkX3N0
ciwgaWRfbGVuLCB0eXBlLCBidWYsIGJ1ZmxlbiwNCj4gaWRtYXApOw0KPiAgICAgICAgIGlmIChy
ZXQgPCAwKQ0KPiAgICAgICAgICAgICAgICAgcmV0dXJuIC1FSU5WQUw7DQo+IEBAIC02MjcsNyAr
NjI3LDcgQEAgc3RhdGljIGludA0KPiBuZnNfaWRtYXBfcmVhZF9hbmRfdmVyaWZ5X21lc3NhZ2Uo
c3RydWN0IGlkbWFwX21zZyAqaW0sDQo+ICAgICAgICAgICAgICAgICBpZiAoc3RyY21wKHVwY2Fs
bC0+aW1fbmFtZSwgaW0tPmltX25hbWUpICE9IDApDQo+ICAgICAgICAgICAgICAgICAgICAgICAg
IGJyZWFrOw0KPiAgICAgICAgICAgICAgICAgLyogTm90ZTogaGVyZSB3ZSBzdG9yZSB0aGUgTlVM
IHRlcm1pbmF0b3IgdG9vICovDQo+IC0gICAgICAgICAgICAgICBsZW4gPSBzcHJpbnRmKGlkX3N0
ciwgIiVkIiwgaW0tPmltX2lkKSArIDE7DQo+ICsgICAgICAgICAgICAgICBsZW4gPSBuZnNfbWFw
X251bWVyaWNfdG9fc3RyaW5nKGltLT5pbV9pZCwgaWRfc3RyLA0KPiBzaXplb2YoaWRfc3RyKSkg
KyAxOw0KPiANCg0KWWVzLCBJIHRoaW5rIHRoaXMgbWFrZXMgbW9yZSBzZW5zZS4gQ2FuIHlvdSBw
bGVhc2Ugc2VuZCBtZSBhIHYyIHdpdGgNCnRoaXMgZml4dXAuDQoNClRoYW5rcyENCiAgVHJvbmQN
Cg0KLS0gDQpUcm9uZCBNeWtsZWJ1c3QNCkNUTywgSGFtbWVyc3BhY2UgSW5jDQo0MzAwIEVsIENh
bWlubyBSZWFsLCBTdWl0ZSAxMDUNCkxvcyBBbHRvcywgQ0EgOTQwMjINCnd3dy5oYW1tZXIuc3Bh
Y2UgaWQ9Ii14LWV2by1zZWxlY3Rpb24tZW5kLW1hcmtlciI+