Re: [PATCH] nfsd: wrong index used in inner loop

From: J. Bruce Fields
Date: Thu Mar 10 2011 - 13:08:14 EST


On Wed, Mar 09, 2011 at 03:42:30PM -0800, Andrew Morton wrote:
> On Tue, 08 Mar 2011 22:32:26 +0100
> roel <roel.kluin@xxxxxxxxx> wrote:
>
> > Index i was already used in the outer loop
> >
> > Signed-off-by: Roel Kluin <roel.kluin@xxxxxxxxx>
> > ---
> > fs/nfsd/nfs4xdr.c | 4 ++--
> > 1 files changed, 2 insertions(+), 2 deletions(-)
> >
> > Not 100% sure this one is needed but it looks suspicious.
> >
> > diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
> > index 1275b86..615f0a9 100644
> > --- a/fs/nfsd/nfs4xdr.c
> > +++ b/fs/nfsd/nfs4xdr.c
> > @@ -1142,7 +1142,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
> >
> > u32 dummy;
> > char *machine_name;
> > - int i;
> > + int i, j;
> > int nr_secflavs;
> >
> > READ_BUF(16);
> > @@ -1215,7 +1215,7 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
> > READ_BUF(4);
> > READ32(dummy);
> > READ_BUF(dummy * 4);
> > - for (i = 0; i < dummy; ++i)
> > + for (j = 0; j < dummy; ++j)
> > READ32(dummy);
> > break;
> > case RPC_AUTH_GSS:
>
> ooh, big bug.
>
> I wonder why it was not previously detected at runtime. Perhaps
> nr_secflavs is always 1.

Yeah, no client uses this calback security information yet.

Mi Jinlong, do you think this is something we could have caught with
another pynfs test?

--b.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/