We know the length of our message buffers. If we get a message
that's too long, just dump it and ignore it.
This resolves:
http://tracker.ceph.com/issues/4664
Signed-off-by: Alex Elder <[email protected]>
---
net/ceph/messenger.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c
index 994192b..ae825e44 100644
--- a/net/ceph/messenger.c
+++ b/net/ceph/messenger.c
@@ -2207,6 +2207,12 @@ static int read_partial_message(struct
ceph_connection *con)
ret = ceph_con_in_msg_alloc(con, &skip);
if (ret < 0)
return ret;
+
+ if (data_len > con->in_msg->data_length) {
+ pr_warning("%s skipping long message (%u > %zd)\n",
+ __func__, data_len, con->in_msg->data_length);
+ skip = 1;
+ }
if (skip) {
/* skip this message */
dout("alloc_msg said skip message\n");
--
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
