2005-12-22 01:30:33

by Vince Busam

[permalink] [raw]
Subject: segfault in mount with CITI patch

I've found that mount (from util-linux 2.12 + CITI_NFS4_ALL-3 patch) will segfault with
this (probably rare) command:

mount -o tcp,nosuid,rw,rsize=8192,wsize=8192,nfsvers=3,mountvers=2,intr,sec=krb5 server:/volume /mntpoint

This is because nfs_call_mount() will run nfs2_mount() when mountvers=2, but since
nfsvers=3, nfsmount() will expect certain fields to be filled out, which are not, causing
a segfault here, where flavor points to an invalid address:
1061 if (flavor[i] == data.pseudoflavor)


Is nfsvers=3,mountvers=2 even OK to do? If not, mount should print an error instead of
segfault.

Thanks,
Vince


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs


2005-12-22 23:23:12

by Trond Myklebust

[permalink] [raw]
Subject: Re: segfault in mount with CITI patch

On Wed, 2005-12-21 at 17:30 -0800, Vince Busam wrote:
> Is nfsvers=3,mountvers=2 even OK to do? If not, mount should print an error instead of
> segfault.

Do you mean that the kernel Oopses, or is it really just a userland
segfault? If the latter, we really don't care too much: mixing nfsvers=3
and mountvers=2 is just silly. Sure, we can put a check in util-linux,
but there is no security implication.

OTOH, an Oops will be a security problem.

Cheers,
Trond




2005-12-22 23:43:43

by Vince Busam

[permalink] [raw]
Subject: Re: segfault in mount with CITI patch

Trond Myklebust wrote:
> On Wed, 2005-12-21 at 17:30 -0800, Vince Busam wrote:
>
>> Is nfsvers=3,mountvers=2 even OK to do? If not, mount should print an error instead of
>> segfault.
>
>
> Do you mean that the kernel Oopses, or is it really just a userland
> segfault. If the latter, we really don't care too much: mixing nfsvers=3
> and mountvers=2 is just silly. Sure, we can put a check in util-linux,
> but there is no security implication.


It's a harmless userland segfault that could be fixed with a simple check like this (or a
more thorough one if somebody has more knowledge of which versions don't work together).

Vince

--- util-linux-2.12.nfsv4/mount/nfsmount.c.orig 2005-12-21 15:56:02.000000000 -0800
+++ util-linux-2.12.nfsv4/mount/nfsmount.c 2005-12-22 13:51:33.000000000 -0800
@@ -803,6 +803,10 @@ nfsmnt_check_compat(const struct pmap *n
mnt_pmap->pm_vers);
goto out_bad;
}
+ if ((nfs_pmap->pm_vers == 3) && (mnt_pmap->pm_vers < 3)) {
+ fprintf(stderr, _("NFS version 3 not supported with mount < 3\n"));
+ goto out_bad;
+ }
return 1;
out_bad:
return 0;
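Review bot: the new condition only rejects the exact pair from the report (nfs_pmap->pm_vers == 3 with mnt_pmap->pm_vers < 3), while the crash described is nfsmount() dereferencing flavor when the mount protocol reply did not populate it; guard the flavor[i] access in nfsmount() as well, so that any other version combination that skips the path filling in flavor fails cleanly rather than segfaulting. The message "NFS version 3 not supported with mount < 3" is also ambiguous about what "mount" refers to; follow the preceding fprintf, which prints mnt_pmap->pm_vers, and say something like "NFS version 3 requires mount protocol version 3, got version %d\n" so the user can see which option to change.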

