diff options
author | Marcus Brinkmann <marcus@gnu.org> | 2000-12-02 17:58:45 +0000 |
---|---|---|
committer | Marcus Brinkmann <marcus@gnu.org> | 2000-12-02 17:58:45 +0000 |
commit | 1c389d6fbea8d2b9ce89a98fecb11979df65ff89 (patch) | |
tree | 00f455af7254dac2ca012d2522baf6a83d360ef7 /nfsd | |
parent | bc24c150ec245be8e0b11ca08d11675870d7544f (diff) |
2000-12-02 Marcus Brinkmann <marcus@gnu.org>
* ops.c (op_readlink): Before returning, check if the buffer
pointed to by transp is ours. If not, munmap it.
(op_read): Likewise for bp.
(op_readdir): Don't alloca a buffer here. Instead initialize
BUF and BUFSIZE to 0 and let the server (eh, MiG) do it.
munmap BUF before returning.
Diffstat (limited to 'nfsd')
-rw-r--r-- | nfsd/ChangeLog | 9 | ||||
-rw-r--r-- | nfsd/ops.c | 36 |
2 files changed, 39 insertions, 6 deletions
diff --git a/nfsd/ChangeLog b/nfsd/ChangeLog index 078a84e5..6d9a8e32 100644 --- a/nfsd/ChangeLog +++ b/nfsd/ChangeLog @@ -1,3 +1,12 @@ +2000-12-02 Marcus Brinkmann <marcus@gnu.org> + + * ops.c (op_readlink): Before returning, check if the buffer + pointed to by transp is ours. If not, munmap it. + (op_read): Likewise for bp. + (op_readdir): Don't alloca a buffer here. Instead initialize + BUF and BUFSIZE to 0 and let the server (eh, MiG) do it. + munmap BUF before returning. + 2000-12-01 Marcus Brinkmann <marcus@gnu.org> * cache.c (scan_creds): Move I inside for-statement. @@ -24,6 +24,7 @@ #include <hurd/paths.h> #include <hurd.h> #include <dirent.h> +#include <sys/mman.h> #include "nfsd.h" #include "../nfs/mount.h" /* XXX */ @@ -190,8 +191,12 @@ op_readlink (struct cache_handle *c, /* Shamelessly copied from the libc readlink */ err = file_get_translator (c->port, &transp, &len); if (err) - return err; - + { + if (transp != buf) + munmap (transp, len); + return err; + } + if (len < sizeof (_HURD_SYMLINK) || memcmp (transp, _HURD_SYMLINK, sizeof (_HURD_SYMLINK))) return EINVAL; @@ -199,6 +204,10 @@ op_readlink (struct cache_handle *c, transp += sizeof (_HURD_SYMLINK); *reply = encode_string (*reply, transp); + + if (transp != buf) + munmap (transp, len); + return 0; } @@ -226,7 +235,11 @@ op_read (struct cache_handle *c, err = io_read (c->port, &bp, &buflen, offset, count); if (err) - return err; + { + if (bp != buf) + munmap (bp, buflen); + return err; + } err = io_stat (c->port, &st); if (err) @@ -234,6 +247,10 @@ op_read (struct cache_handle *c, *reply = encode_fattr (*reply, &st, version); *reply = encode_data (*reply, bp, buflen); + + if (bp != buf) + munmap (bp, buflen); + return 0; } @@ -540,11 +557,15 @@ op_readdir (struct cache_handle *c, cookie = ntohl (*p++); count = ntohl (*p++); - buf = alloca (count); - bufsize = count; + buf = (char *) 0; + bufsize = 0; err = dir_readdir (c->port, &buf, &bufsize, cookie, -1, count, &nentries); if (err) - return err; + { + if (buf) + munmap (buf, bufsize); + return err; + } r = *reply; @@ -572,6 +593,9 @@ op_readdir (struct cache_handle *c, *reply = r; + if (buf) + munmap (buf, bufsize); + return 0; } |