Module Name:    src
Committed By:   riastradh
Date:           Thu Mar 23 19:52:33 UTC 2023

Modified Files:
        src/sys/nfs: nfsm_subs.h

Log Message:
nfs: Use unsigned fhlen so we don't trip over negative values.

XXX pullup-8
XXX pullup-9
XXX pullup-10


To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 src/sys/nfs/nfsm_subs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/nfs/nfsm_subs.h
diff -u src/sys/nfs/nfsm_subs.h:1.55 src/sys/nfs/nfsm_subs.h:1.56
--- src/sys/nfs/nfsm_subs.h:1.55	Thu Aug 12 20:25:27 2021
+++ src/sys/nfs/nfsm_subs.h	Thu Mar 23 19:52:33 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: nfsm_subs.h,v 1.55 2021/08/12 20:25:27 andvar Exp $	*/
+/*	$NetBSD: nfsm_subs.h,v 1.56 2023/03/23 19:52:33 riastradh Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993
@@ -480,20 +480,24 @@
 		} }
 
 #define nfsm_srvmtofh(nsfh) \
-	{ int fhlen = NFSX_V3FH; \
+	{ uint32_t fhlen = NFSX_V3FH; \
 		if (nfsd->nd_flag & ND_NFSV3) { \
-			nfsm_dissect(tl, u_int32_t *, NFSX_UNSIGNED); \
-			fhlen = fxdr_unsigned(int, *tl); \
+			nfsm_dissect(tl, uint32_t *, NFSX_UNSIGNED); \
+			fhlen = fxdr_unsigned(uint32_t, *tl); \
+			CTASSERT(NFSX_V3FHMAX <= FHANDLE_SIZE_MAX); \
 			if (fhlen > NFSX_V3FHMAX || \
 			    (fhlen < FHANDLE_SIZE_MIN && fhlen > 0)) { \
 				error = EBADRPC; \
 				nfsm_reply(0); \
 			} \
 		} else { \
+			CTASSERT(NFSX_V2FH >= FHANDLE_SIZE_MIN); \
 			fhlen = NFSX_V2FH; \
 		} \
 		(nsfh)->nsfh_size = fhlen; \
 		if (fhlen != 0) { \
+			KASSERT(fhlen >= FHANDLE_SIZE_MIN); \
+			KASSERT(fhlen <= FHANDLE_SIZE_MAX); \
 			nfsm_dissect(tl, u_int32_t *, fhlen); \
 			memcpy(NFSRVFH_DATA(nsfh), tl, fhlen); \
 		} \

Reply via email to