[PATCH] fix nfsacl pointer arithmetic and pg_class initialization bugs
authorAndreas Gruenbacher <agruen@suse.de>
Wed, 22 Jun 2005 17:16:28 +0000 (17:16 +0000)
committerTrond Myklebust <Trond.Myklebust@netapp.com>
Wed, 22 Jun 2005 20:07:27 +0000 (16:07 -0400)
* Pointer arithmetic bug: p is in word units. This fixes a memory
  corruption with big acls.
* Initialize pg_class to prevent a NULL pointer access.

Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
fs/nfs/nfs3xdr.c
fs/nfsd/nfssvc.c

index a4437fb177f08b4b5b6c20b0f7bf8868b9a94bf6..db4a904810a460f0dd6090b12c65c7e5526ac499 100644 (file)
@@ -677,7 +677,7 @@ nfs3_xdr_setaclargs(struct rpc_rqst *req, u32 *p,
        /* put as much of the acls into head as possible. */
        len_in_head = min_t(unsigned int, buf->head->iov_len - base, len);
        len -= len_in_head;
-       req->rq_slen = xdr_adjust_iovec(req->rq_svec, p + len_in_head);
+       req->rq_slen = xdr_adjust_iovec(req->rq_svec, p + (len_in_head >> 2));
 
        for (count = 0; (count << PAGE_SHIFT) < len; count++) {
                args->pages[count] = alloc_page(GFP_KERNEL);
index 79b25b19fec847a5c2db422f19794d57805b6d75..904df604e86b62933b71f14e57a0920cd9373d91 100644 (file)
@@ -376,6 +376,7 @@ static struct svc_program   nfsd_acl_program = {
        .pg_nvers               = NFSD_ACL_NRVERS,
        .pg_vers                = nfsd_acl_version,
        .pg_name                = "nfsd",
+       .pg_class               = "nfsd",
        .pg_stats               = &nfsd_acl_svcstats,
 };