| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180802123245.4276-1-nixiaoming@huawei.com>
Date: Thu, 2 Aug 2018 20:32:45 +0800
From: nixiaoming <nixiaoming@...wei.com>
To: <bfields@...ldses.org>, <jlayton@...nel.org>,
<trondmy@...merspace.com>, <chuck.lever@...cle.com>,
<nixiaoming@...wei.com>
CC: <linux-nfs@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH v3] fs/nfsd: Delete invalid assignment statements in nfsd4_decode_exchange_id
READ_BUF(8);
dummy = be32_to_cpup(p++);
dummy = be32_to_cpup(p++);
...
READ_BUF(4);
dummy = be32_to_cpup(p++);
Assigning value to "dummy" here, but that stored value
is overwritten before it can be used.
At the same time READ_BUF() will re-update the pointer p.
delete invalid assignment statements
Signed-off-by: nixiaoming <nixiaoming@...wei.com>
Signed-off-by: Chuck Lever <chuck.lever@...cle.com>
Signed-off-by: Trond Myklebust <trondmy@...merspace.com>
Signed-off-by: J. Bruce Fields <bfields@...ldses.org>
---
fs/nfsd/nfs4xdr.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index a96843c..e669e20 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -1390,10 +1390,8 @@ nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp,
p += XDR_QUADLEN(dummy);
}
- /* ssp_window and ssp_num_gss_handles */
+ /* ignore ssp_window and ssp_num_gss_handles */
READ_BUF(8);
- dummy = be32_to_cpup(p++);
- dummy = be32_to_cpup(p++);
break;
default:
goto xdr_error;
--
2.10.1
Powered by blists - more mailing lists