NFS_ROOT bug

braam@cs.cmu.edu
Tue, 02 Nov 1999 11:19:42 -0700


Hi,

I came across a small bug in the NFS root mount_clnt implementation.
The buffer size in the RPC call structure is not correctly set - worse
is that a rogue pointer (the result size) is entered at the "call count"
spot.

Here is a tiny patch.

- Peter -

--- fs/nfs/mount_clnt.c.orig Tue Nov 2 12:05:36 1999
+++ fs/nfs/mount_clnt.c Tue Nov 2 12:15:00 1999
@@ -23,6 +23,11 @@
# define NFSDBG_FACILITY NFSDBG_ROOT
#endif

+#ifndef MAX
+# define MAX(a, b) (((a) > (b))? (a) : (b))
+#endif
+
+
/*
#define MOUNT_PROGRAM 100005
#define MOUNT_VERSION 1
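
Review bot: The `MAX(a, b)` macro added near the top of the file is wrapped in `#ifndef MAX`, so if a header included earlier already defines `MAX` with different semantics, that definition is silently used instead of this one. Since the macro is needed for a single initializer in this file, consider an unconditional file-local name, or a comment saying why the guard is there. The macro also evaluates each argument twice, which is harmless for the constant sizes it is applied to later in this patch but deserves a one-line comment so it is not reused with expressions that have side effects. The second blank line after `#endif` can be dropped.
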
@@ -119,7 +124,7 @@
{ "mnt_mount",
(kxdrproc_t) xdr_encode_dirpath,
(kxdrproc_t) xdr_decode_fhstatus,
- MNT_dirpath_sz, MNT_fhstatus_sz },
+ MAX(MNT_dirpath_sz, MNT_fhstatus_sz), 0},
};

static struct rpc_version mnt_version1 = {
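
Review bot: In the `mnt_mount` entry the last two values are positional, and nothing in the initializer says which one is the buffer size and which is the call count, which is how `MNT_fhstatus_sz` ended up in the "call count" spot described in the message. Suggest a trailing comment on the new line naming the two fields, plus a short note on why the buffer is sized with `MAX(MNT_dirpath_sz, MNT_fhstatus_sz)` (presumably so that one buffer covers both the encoded argument and the decoded result; the hunk does not say). Only the `mnt_mount` entry is visible here, so any other entries in this table should be checked for the same pattern.
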
