Module Name: src
Committed By: riastradh
Date: Thu Mar 23 19:52:33 UTC 2023
Modified Files:
src/sys/nfs: nfsm_subs.h
Log Message:
nfs: Use unsigned fhlen so we don't trip over negative values.
XXX pullup-8
XXX pullup-9
XXX pullup-10
To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 src/sys/nfs/nfsm_subs.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/nfs/nfsm_subs.h
diff -u src/sys/nfs/nfsm_subs.h:1.55 src/sys/nfs/nfsm_subs.h:1.56
--- src/sys/nfs/nfsm_subs.h:1.55 Thu Aug 12 20:25:27 2021
+++ src/sys/nfs/nfsm_subs.h Thu Mar 23 19:52:33 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: nfsm_subs.h,v 1.55 2021/08/12 20:25:27 andvar Exp $ */
+/* $NetBSD: nfsm_subs.h,v 1.56 2023/03/23 19:52:33 riastradh Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -480,20 +480,24 @@
} }
#define nfsm_srvmtofh(nsfh) \
- { int fhlen = NFSX_V3FH; \
+ { uint32_t fhlen = NFSX_V3FH; \
if (nfsd->nd_flag & ND_NFSV3) { \
- nfsm_dissect(tl, u_int32_t *, NFSX_UNSIGNED); \
- fhlen = fxdr_unsigned(int, *tl); \
+ nfsm_dissect(tl, uint32_t *, NFSX_UNSIGNED); \
+ fhlen = fxdr_unsigned(uint32_t, *tl); \
+ CTASSERT(NFSX_V3FHMAX <= FHANDLE_SIZE_MAX); \
if (fhlen > NFSX_V3FHMAX || \
(fhlen < FHANDLE_SIZE_MIN && fhlen > 0)) { \
error = EBADRPC; \
nfsm_reply(0); \
} \
} else { \
+ CTASSERT(NFSX_V2FH >= FHANDLE_SIZE_MIN); \
fhlen = NFSX_V2FH; \
} \
(nsfh)->nsfh_size = fhlen; \
if (fhlen != 0) { \
+ KASSERT(fhlen >= FHANDLE_SIZE_MIN); \
+ KASSERT(fhlen <= FHANDLE_SIZE_MAX); \
nfsm_dissect(tl, u_int32_t *, fhlen); \
memcpy(NFSRVFH_DATA(nsfh), tl, fhlen); \
} \
