NFSD: Watch for rq_pages bounds checking errors in nfsd_splice_actor() - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Chuck Lever <[email protected]>	2023-03-17 17:09:20 -0400
committer	Chuck Lever <[email protected]>	2023-04-26 09:05:01 -0400
commit	0f5162480bd25bd97b91c9153db7afbd89698804 (patch)
tree	a273f9e1648e80256d5e4b9321f624d0a9424cd4 /lib/test_fortify/write_overflow-strncpy-src.c
parent	376bcd9b37632cf191711a68aa25ab42f0048c2e (diff)

NFSD: Watch for rq_pages bounds checking errors in nfsd_splice_actor()

There have been several bugs over the years where the NFSD splice actor has attempted to write outside the rq_pages array. This is a "should never happen" condition, but if for some reason the pipe splice actor should attempt to walk past the end of rq_pages, it needs to terminate the READ operation to prevent corruption of the pointer addresses in the fields just beyond the array. A server crash is thus prevented. Since the code is not behaving, the READ operation returns -EIO to the client. None of the READ payload data can be trusted if the splice actor isn't operating as expected. Suggested-by: Jeff Layton <[email protected]> Signed-off-by: Chuck Lever <[email protected]> Reviewed-by: Jeff Layton <[email protected]>

Diffstat (limited to 'lib/test_fortify/write_overflow-strncpy-src.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: