Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp892774ybh; Wed, 11 Mar 2020 13:00:58 -0700 (PDT) X-Google-Smtp-Source: ADFU+vuiVIh30FF1bm6xbMcvYuwOV1FYISP1kxKdvnxxg99XzEGGHqPw68pbLB20ZGKpr3/6SxqV X-Received: by 2002:a9d:76c9:: with SMTP id p9mr3645286otl.135.1583956858018; Wed, 11 Mar 2020 13:00:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583956858; cv=none; d=google.com; s=arc-20160816; b=MxNhgDB3CqApZDq0DgHljGg9TjsL2HNUCkD1otAgTeo4jqNfc3VRYwQJ5stH+sggLa mQ8lVMwlD65BzBPJQNoGzgE5Fp3MoMdPVYV7HpkvOtDhObSVEaEGydKUPmnrqklo5ZUR ccJakgShz61jD6tsB6yjyxt87ucna45K71wetO6roWIui4vDIZoZd0OLKaeJcjeZrj1B gdTgLxnh8M+mQ3GRIpsR/axrH7WDNZ04a6x+gTG3A5Lbj8by6te0O+ckzOoPpTs3y5q8 fV96x20gwo4L6ezjFvC/x3xBbEFkXLqr8/FP7j/uZVaG3NyCN4UT9j5kEBBm6JMELoMO hYtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:ironport-sdr:dkim-signature; bh=4THswT0o52ovnlzrXKlcAZT1YB714M/0FcpslE4Pfsw=; b=I3RiCb5ex7pFOwhCUFFikEgCl/urY1/jf0f5NRzeFYbw6InI6bePQWLR1rx+c5gBQo qFAmSYeOqJJjLZF7u4K0ewfqlmak1ioBN4qSIa3iUR7dcg7rCRuG17ny1s/2tEcCogeK fiSGc+T+Fqqo/T+49GpttL6G9K7Xb3ZId/zyllTAwyrGOV7/CrvcAlrQY0BV4ylHkHZl Wtwc0ceP5Q656eLHAvEzQ7KzBs9MggZs0vcjl55Q97Bn2n3LEL/iDgshsDokI6j4cQ+G lKFK2xHdwwvOs5NIUWI5f6tfnix9gB0c3ksLY9liQVegDmpBMOUpVrPQcdPhzqNX0Vgu l3Pg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=Tiki7QWE; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q21si564433oov.64.2020.03.11.13.00.46; Wed, 11 Mar 2020 13:00:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=Tiki7QWE; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387463AbgCKUAS (ORCPT + 99 others); Wed, 11 Mar 2020 16:00:18 -0400 Received: from smtp-fw-9101.amazon.com ([207.171.184.25]:56670 "EHLO smtp-fw-9101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387447AbgCKUAS (ORCPT ); Wed, 11 Mar 2020 16:00:18 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1583956817; x=1615492817; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=4THswT0o52ovnlzrXKlcAZT1YB714M/0FcpslE4Pfsw=; b=Tiki7QWEQHqXwsTDaEgr6Z56X+2seMlA4dQFA2D1FOvtazs76ONQDpst SlTGE1CEZRjiRCH25U2KqzI61jcCqiSxUdki+rsEUa3NqmNOyaeCb90nE k7EqWBV5+EAYFe2QNt0DyPogS//0UieqR+V+9WaAV8FDrz+jgW0O4lOLk E=; IronPort-SDR: OPsR8adRoXxDdGxbP1UpIoarxi54t1P3vm6FT2w+4BVLTOIo0Zay+FQymQymFZe2emu5vfRdG0 ZQCSaduazOng== X-IronPort-AV: E=Sophos;i="5.70,541,1574121600"; d="scan'208";a="22302158" Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-1e-303d0b0e.us-east-1.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9101.sea19.amazon.com with ESMTP; 11 Mar 2020 20:00:16 +0000 Received: from EX13MTAUWB001.ant.amazon.com (iad55-ws-svc-p15-lb9-vlan3.iad.amazon.com [10.40.159.166]) by email-inbound-relay-1e-303d0b0e.us-east-1.amazon.com (Postfix) with ESMTPS id BC635A3059; Wed, 11 Mar 2020 20:00:15 +0000 (UTC) Received: from EX13D13UWB001.ant.amazon.com (10.43.161.156) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Wed, 11 Mar 2020 19:59:56 +0000 Received: from EX13MTAUEA002.ant.amazon.com (10.43.61.77) by EX13D13UWB001.ant.amazon.com (10.43.161.156) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 11 Mar 2020 19:59:56 +0000 Received: from dev-dsk-fllinden-2c-c1893d73.us-west-2.amazon.com (172.23.141.97) by mail-relay.amazon.com (10.43.61.169) with Microsoft SMTP Server id 15.0.1236.3 via Frontend Transport; Wed, 11 Mar 2020 19:59:55 +0000 Received: by dev-dsk-fllinden-2c-c1893d73.us-west-2.amazon.com (Postfix, from userid 6262777) id 0E5E9DEC0F; Wed, 11 Mar 2020 19:59:55 +0000 (UTC) From: Frank van der Linden To: , , CC: Frank van der Linden Subject: [PATCH 04/14] nfsd: make sure the nfsd4_ops array has the right size Date: Wed, 11 Mar 2020 19:59:44 +0000 Message-ID: <20200311195954.27117-5-fllinden@amazon.com> X-Mailer: git-send-email 2.16.6 In-Reply-To: <20200311195954.27117-1-fllinden@amazon.com> References: <20200311195954.27117-1-fllinden@amazon.com> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org The nfsd4_ops was initialized by initializing individual indices (op numbers). So, the size of the array was determined by the largest op number. Some operations are enabled conditionally, based on config options. If a conditionally enabled operation were to be the highest numbered operation, the code (through OPDESC) would attempt to access memory beyond the end of the array. This currently can't happen, since the highest numbered op is not conditional, but it might in the future. So, always size the array with LAST_NFS4_OP + 1. Signed-off-by: Frank van der Linden --- fs/nfsd/nfs4proc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 0e75f7fb5fec..5de6449e6ff8 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -2699,7 +2699,7 @@ static inline u32 nfsd4_seek_rsize(struct svc_rqst *rqstp, struct nfsd4_op *op) return (op_encode_hdr_size + 3) * sizeof(__be32); } -static const struct nfsd4_operation nfsd4_ops[] = { +static const struct nfsd4_operation nfsd4_ops[LAST_NFS4_OP + 1] = { [OP_ACCESS] = { .op_func = nfsd4_access, .op_name = "OP_ACCESS", -- 2.16.6