linux/fs
David Howells e8896495bc NFS: Check lengths more thoroughly in NFS4 readdir XDR decode
Check the bounds of length specifiers more thoroughly in the XDR decoding of
NFS4 readdir reply data.

Currently, if the server returns a bitmap or attr length that causes the
current decode point pointer to wrap, this could go undetected (consider a
small "negative" length on a 32-bit machine).

Also add a check into the main XDR decode handler to make sure that the amount
of data is a multiple of four bytes (as specified by RFC-1014).  This makes
sure that we can do u32* pointer subtraction in the NFS client without risking
an undefined result (the result is undefined if the pointers are not correctly
aligned with respect to one another).

Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
(cherry picked from 5861fddd64a7eaf7e8b1a9997455a24e7f688092 commit)
2006-08-24 15:53:34 -04:00
..
9p [PATCH] 9p: fix fid behavior on failed remove 2006-07-31 13:28:44 -07:00
adfs [PATCH] adfs error message fix 2006-08-14 12:54:28 -07:00
affs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
afs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
autofs [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
autofs4 [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
befs [PATCH] Fix BeFS slab corruption 2006-08-06 08:57:48 -07:00
bfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
cifs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
coda [PATCH] Remove incorrect unlock_kernel from allocation failure path in coda_open() 2006-07-31 13:28:41 -07:00
configfs configfs: Clear up a few extra spaces where there should be TABs. 2006-06-29 14:43:01 -07:00
cramfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
debugfs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
devpts [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
efs [PATCH] efs: Remove incorrect unlock_kernel from failure path in efs_symlink_readpage() 2006-07-31 13:28:41 -07:00
exportfs [PATCH] NFS server subtree_check returns dubious value 2006-05-21 12:59:16 -07:00
ext2 [PATCH] lockdep: annotate the quota code 2006-07-03 15:27:08 -07:00
ext3 [PATCH] ext3 -nobh option causes oops 2006-07-31 13:28:44 -07:00
fat [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
freevxfs [PATCH] freevxfs: Add missing lock_kernel() to vxfs_readdir 2006-07-31 13:28:44 -07:00
fuse [PATCH] fuse: fix error case in fuse_readpages 2006-08-14 12:54:29 -07:00
hfs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
hfsplus Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
hostfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
hpfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
hppfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
hugetlbfs [PATCH] mmap zero-length hugetlb file with PROT_NONE to protect a hugetlb virtual area 2006-07-10 13:24:21 -07:00
isofs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
jbd [PATCH] add poison.h and patch primary users 2006-06-27 17:32:38 -07:00
jffs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
jffs2 Merge git://git.infradead.org/mtd-2.6 2006-07-03 21:29:08 -07:00
jfs JFS: Fix bug in quota code. tmp_bh.b_size must be initialized 2006-07-28 08:46:05 -05:00
lockd LOCKD: Fix a deadlock in nlm_traverse_files() 2006-08-24 15:51:00 -04:00
minix [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
msdos [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
ncpfs Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2006-06-30 15:39:30 -07:00
nfs NFS: Check lengths more thoroughly in NFS4 readdir XDR decode 2006-08-24 15:53:34 -04:00
nfs_common
nfsd [PATCH] knfsd: Fix stale file handle problem with subtree_checking. 2006-07-31 13:28:37 -07:00
nls Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ntfs [PATCH] lockdep: annotate NTFS locking rules 2006-07-03 15:27:08 -07:00
ocfs2 ocfs2: allocation hints 2006-08-07 11:07:01 -07:00
openpromfs [OPENPROMFS]: Rewrite using in-kernel device tree and seq_file. 2006-06-25 23:19:14 -07:00
partitions [PATCH] enable mac partition label per default on pmac 2006-07-31 13:28:41 -07:00
proc Don't allow chmod() on the /proc/<pid>/ files 2006-07-15 12:26:45 -07:00
qnx4 Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ramfs [PATCH] NOMMU: Fix execution off of ramfs with mmap() 2006-07-10 13:24:21 -07:00
reiserfs [PATCH] reiserfs_write_full_page() should not get_block past eof 2006-08-06 08:57:49 -07:00
romfs [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
smbfs Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
sysfs [PATCH] lockdep: annotate the sysfs i_mutex to be a separate class 2006-07-12 12:52:54 -07:00
sysv [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
udf [PATCH] initialize parts of udf inode earlier in create 2006-08-14 12:54:28 -07:00
ufs [PATCH] ufs: handle truncated pages 2006-08-06 08:57:46 -07:00
vfat [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
xfs [XFS] Fix xfs_free_extent related NULL pointer dereference. 2006-08-10 14:40:41 +10:00
aio.c spelling fixes 2006-06-26 18:35:02 +02:00
attr.c [PATCH] capable/capability.h (fs/) 2006-01-11 18:42:13 -08:00
bad_inode.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
binfmt_aout.c
binfmt_elf_fdpic.c [PATCH] FDPIC: Add coredump capability for the ELF-FDPIC binfmt 2006-07-10 13:24:22 -07:00
binfmt_elf.c [PATCH] FDPIC: Move roundup() into linux/kernel.h 2006-07-10 13:24:22 -07:00
binfmt_em86.c
binfmt_flat.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
binfmt_misc.c Merge branch 'master' of /home/trondmy/kernel/linux-2.6/ 2006-06-24 13:07:53 -04:00
binfmt_script.c
binfmt_som.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
bio.c [PATCH] Fix missing ret assignment in __bio_map_user() error path 2006-06-17 10:52:12 -07:00
block_dev.c [PATCH] lockdep: annotate blkdev nesting 2006-07-03 15:27:10 -07:00
buffer.c [PATCH] invalidate_bdev() speedup 2006-07-31 13:28:38 -07:00
char_dev.c [PATCH] add function documentation for register_chrdev() 2006-07-14 21:53:54 -07:00
compat_ioctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
compat.c [PATCH] x86_64: Add compat_printk and sysctl to turn off compat layer warnings 2006-06-26 10:48:16 -07:00
dcache.c [PATCH] lockdep: annotate dcache 2006-07-03 15:27:06 -07:00
dcookies.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
direct-io.c [PATCH] lockdep: annotate direct io 2006-07-03 15:27:06 -07:00
dnotify.c [PATCH] Use __read_mostly on some hot fs variables 2006-03-26 08:56:56 -08:00
dquot.c [PATCH] use list_add_tail() instead of list_add() 2006-06-26 09:58:17 -07:00
drop_caches.c
eventpoll.c [PATCH] sched: cleanup, remove task_t, convert to struct task_struct 2006-07-03 15:27:11 -07:00
exec.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
fcntl.c BUG_ON() Conversion in fs/fcntl.c 2006-04-02 13:37:19 +02:00
fifo.c [PATCH] pipe.c/fifo.c code cleanups 2006-04-11 13:53:33 +02:00
file_table.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
file.c [PATCH] alloc_fdtable() expansion fix 2006-07-12 12:52:55 -07:00
filesystems.c
fs-writeback.c [PATCH] zoned vm counters: conversion of nr_unstable to per zone counter 2006-06-30 11:25:36 -07:00
inode.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2006-06-30 15:39:30 -07:00
inotify_user.c [PATCH] inotify: fix deadlock found by lockdep 2006-07-31 13:28:41 -07:00
inotify.c [PATCH] inotify (4/5): allow watch removal from event handler 2006-06-20 05:25:19 -04:00
ioctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ioprio.c [PATCH] SELinux: Add security hook definition for getioprio and insert hooks 2006-06-30 11:25:37 -07:00
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6 2006-07-13 16:38:58 -07:00
Kconfig.binfmt
libfs.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
locks.c [PATCH] fcntl(F_SETSIG) fix 2006-08-14 13:10:59 -07:00
Makefile [PATCH] devfs: Remove devfs from the kernel tree 2006-06-26 12:25:05 -07:00
mbcache.c [PATCH] Typo fixes 2006-03-28 09:16:08 -08:00
mpage.c [PATCH] writeback: fix range handling 2006-06-23 07:42:49 -07:00
namei.c VFS: add lookup hint for network file systems 2006-08-24 15:49:14 -04:00
namespace.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
nfsctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
open.c [PATCH] ftruncate does not always update m/ctime 2006-06-25 10:01:15 -07:00
pipe.c [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
pnode.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
pnode.h
posix_acl.c
quota_v1.c
quota_v2.c [PATCH] sem2mutex: quota 2006-03-23 07:38:11 -08:00
quota.c [PATCH] sem2mutex: quota 2006-03-23 07:38:11 -08:00
read_write.c [PATCH] fs/read_write.c: EXPORT_UNUSED_SYMBOL 2006-07-10 13:24:18 -07:00
readdir.c
select.c [PATCH] fs: sys_poll with timeout -1 bug fix 2006-06-25 10:01:22 -07:00
seq_file.c [PATCH] sem2mutex: fs/seq_file.c 2006-03-23 07:38:12 -08:00
splice.c [PATCH] splice: fix problems with sys_tee() 2006-07-10 11:00:01 +02:00
stat.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
super.c [PATCH] lockdep: annotate sb ->s_umount 2006-07-03 15:27:09 -07:00
sync.c [PATCH] writeback: fix range handling 2006-06-23 07:42:49 -07:00
xattr_acl.c
xattr.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00