Re: [PATCH 09/10] nfsd: cap decoded POSIX ACL count to bound sort cost

Next message: Nhat Pham: "Re: [RFC PATCH v2 4/9] mm: admit large swapin by backend range in swapin_sync()"
Previous message: Paul Moore: "Re: PowerPC: Random memory corruption causing kernel oops on Power11"
In reply to: Jeff Layton: "Re: [PATCH 09/10] nfsd: cap decoded POSIX ACL count to bound sort cost"
Next in thread: Jeff Layton: "Re: [PATCH 09/10] nfsd: cap decoded POSIX ACL count to bound sort cost"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Chuck Lever

Date: Fri May 29 2026 - 14:34:37 EST

[ replaced broken email address for Trond ]

On Thu, May 28, 2026, at 5:55 PM, Jeff Layton wrote:

> diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
> index c6c50c376b23..5469c6c207ba 100644
> --- a/fs/nfsd/nfs4xdr.c
> +++ b/fs/nfsd/nfs4xdr.c
> @@ -448,6 +448,8 @@ nfsd4_decode_posixacl(struct nfsd4_compoundargs
> *argp, struct posix_acl **acl)
>
> if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
> return nfserr_bad_xdr;
> + if (count > NFS_ACL_MAX_ENTRIES)
> + return nfserr_resource;

nfserr_resource is consistent with other fattr4 decoders, but
does not make sense here, IMO. A better choice is nfserr_inval.

Rick, any opinion?

> *acl = posix_acl_alloc(count, GFP_KERNEL);
> if (*acl == NULL)
>
> --
> 2.54.0

--
Chuck Lever