Module Name: src Committed By: riastradh Date: Thu Mar 23 19:52:33 UTC 2023
Modified Files: src/sys/nfs: nfsm_subs.h Log Message: nfs: Use unsigned fhlen so we don't trip over negative values. XXX pullup-8 XXX pullup-9 XXX pullup-10 To generate a diff of this commit: cvs rdiff -u -r1.55 -r1.56 src/sys/nfs/nfsm_subs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/nfs/nfsm_subs.h diff -u src/sys/nfs/nfsm_subs.h:1.55 src/sys/nfs/nfsm_subs.h:1.56 --- src/sys/nfs/nfsm_subs.h:1.55 Thu Aug 12 20:25:27 2021 +++ src/sys/nfs/nfsm_subs.h Thu Mar 23 19:52:33 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: nfsm_subs.h,v 1.55 2021/08/12 20:25:27 andvar Exp $ */ +/* $NetBSD: nfsm_subs.h,v 1.56 2023/03/23 19:52:33 riastradh Exp $ */ /* * Copyright (c) 1989, 1993 @@ -480,20 +480,24 @@ } } #define nfsm_srvmtofh(nsfh) \ - { int fhlen = NFSX_V3FH; \ + { uint32_t fhlen = NFSX_V3FH; \ if (nfsd->nd_flag & ND_NFSV3) { \ - nfsm_dissect(tl, u_int32_t *, NFSX_UNSIGNED); \ - fhlen = fxdr_unsigned(int, *tl); \ + nfsm_dissect(tl, uint32_t *, NFSX_UNSIGNED); \ + fhlen = fxdr_unsigned(uint32_t, *tl); \ + CTASSERT(NFSX_V3FHMAX <= FHANDLE_SIZE_MAX); \ if (fhlen > NFSX_V3FHMAX || \ (fhlen < FHANDLE_SIZE_MIN && fhlen > 0)) { \ error = EBADRPC; \ nfsm_reply(0); \ } \ } else { \ + CTASSERT(NFSX_V2FH >= FHANDLE_SIZE_MIN); \ fhlen = NFSX_V2FH; \ } \ (nsfh)->nsfh_size = fhlen; \ if (fhlen != 0) { \ + KASSERT(fhlen >= FHANDLE_SIZE_MIN); \ + KASSERT(fhlen <= FHANDLE_SIZE_MAX); \ nfsm_dissect(tl, u_int32_t *, fhlen); \ memcpy(NFSRVFH_DATA(nsfh), tl, fhlen); \ } \