SUNRPC: Introduce xdr_stream-based decoders for RPCB_UNSET Replace the open-coded decode logic for rpcbind UNSET results with an xdr_stream-based implementation, similar to what NFSv4 uses, to protect against buffer overflows. The new function is unused for the moment. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

commit: 7ed0ff983c8ad30bf4e2b9fdbb299a3e3ec08d08 [log] [tgz]
author: Chuck Lever <chuck.lever@oracle.com> Sun Aug 09 15:09:42 2009 -0400
committer: Trond Myklebust <Trond.Myklebust@netapp.com> Sun Aug 09 15:09:42 2009 -0400
tree: e93eedc32104cf0b6f26b5b8a1fbd61b33df5df8
parent: 0d36c4f7574d5a33bedd8f0e3c793490d45d83c6 [diff] [blame]
diff --git a/net/sunrpc/rpcb_clnt.c b/net/sunrpc/rpcb_clnt.c
index e0d7b31..fe183af 100644
--- a/net/sunrpc/rpcb_clnt.c
+++ b/net/sunrpc/rpcb_clnt.c

@@ -736,6 +736,28 @@
 	return 0;
 }
 
+static int rpcb_dec_set(struct rpc_rqst *req, __be32 *p,
+			unsigned int *boolp)
+{
+	struct rpc_task *task = req->rq_task;
+	struct xdr_stream xdr;
+
+	xdr_init_decode(&xdr, &req->rq_rcv_buf, p);
+
+	p = xdr_inline_decode(&xdr, sizeof(__be32));
+	if (unlikely(p == NULL))
+		return -EIO;
+
+	*boolp = 0;
+	if (*p)
+		*boolp = 1;
+
+	dprintk("RPC: %5u RPCB_%s call %s\n",
+			task->tk_pid, task->tk_msg.rpc_proc->p_name,
+			(*boolp ? "succeeded" : "failed"));
+	return 0;
+}
+
 static int encode_rpcb_string(struct xdr_stream *xdr, const char *string,
 				const u32 maxstrlen)
 {
commit	7ed0ff983c8ad30bf4e2b9fdbb299a3e3ec08d08	[log] [tgz]
author	Chuck Lever <chuck.lever@oracle.com>	Sun Aug 09 15:09:42 2009 -0400
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	Sun Aug 09 15:09:42 2009 -0400
tree	e93eedc32104cf0b6f26b5b8a1fbd61b33df5df8
parent	0d36c4f7574d5a33bedd8f0e3c793490d45d83c6 [diff] [blame]