linux-stable-rt/fs/nfsd
J. Bruce Fields 87d26ea777 nfsd: more careful input validation in nfsctl write methods
Neil Brown points out that we're checking buf[size-1] in a couple places
without first checking whether size is zero.

Actually, given the implementation of simple_transaction_get(), buf[-1]
is zero, so in both of these cases the subsequent check of the value of
buf[size-1] will catch this case.

But it seems fragile to depend on that, so add explicit checks for this
case.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Acked-by: NeilBrown <neilb@suse.de>
2008-02-01 16:42:15 -05:00
..
Makefile
auth.c
auth.h nfsd: minor fs/nfsd/auth.h cleanup 2008-02-01 16:42:05 -05:00
export.c knfsd: don't bother mapping putrootfh enoent to eperm 2008-02-01 16:42:15 -05:00
lockd.c
nfs2acl.c nfsd: Fix inconsistent assignment 2008-02-01 16:42:01 -05:00
nfs3acl.c
nfs3proc.c
nfs3xdr.c nfsd: fix encode_entryplus_baggage() indentation 2008-02-01 16:42:06 -05:00
nfs4acl.c
nfs4callback.c nfsd4: recognize callback channel failure earlier 2008-02-01 16:42:06 -05:00
nfs4idmap.c knfsd: allow cache_register to return error on failure 2008-02-01 16:42:05 -05:00
nfs4proc.c nfsd: Allow AIX client to read dir containing mountpoints 2008-02-01 16:42:06 -05:00
nfs4recover.c
nfs4state.c nfsd4: clean up access_valid, deny_valid checks. 2008-02-01 16:42:07 -05:00
nfs4xdr.c nfsd: Allow AIX client to read dir containing mountpoints 2008-02-01 16:42:06 -05:00
nfscache.c nfsd: fail module init on reply cache init failure 2008-02-01 16:42:04 -05:00
nfsctl.c nfsd: more careful input validation in nfsctl write methods 2008-02-01 16:42:15 -05:00
nfsfh.c nfsd: move nfsd/auth.h into fs/nfsd 2008-02-01 16:42:05 -05:00
nfsproc.c
nfssvc.c svc: Make close transport independent 2008-02-01 16:42:11 -05:00
nfsxdr.c nfsd: move nfsd/auth.h into fs/nfsd 2008-02-01 16:42:05 -05:00
stats.c
vfs.c nfsd: allow root to set uid and gid on create 2008-02-01 16:42:07 -05:00