[lustre-devel] [PATCH 452/622] lustre: ptlrpc: check buffer length in lustre_msg_string()
James Simmons
jsimmons at infradead.org
Thu Feb 27 13:15:20 PST 2020
From: Emoly Liu <emoly at whamcloud.com>
Check buffer length in lustre_msg_string() in case of any invalid
access.
Reported-by: Alibaba Cloud <yunye.ry at alibaba-inc.com>
WC-bug-id: https://jira.whamcloud.com/browse/LU-12613
Lustre-commit: 728c58d60fae ("LU-12613 ptlrpc: check buffer length in lustre_msg_string()")
Signed-off-by: Emoly Liu <emoly at whamcloud.com>
Reviewed-on: https://review.whamcloud.com/35932
Reviewed-by: Andreas Dilger <adilger at whamcloud.com>
Reviewed-by: Hongchao Zhang <hongchao at whamcloud.com>
Reviewed-by: Yunye Ry <yunye.ry at alibaba-inc.com>
Signed-off-by: James Simmons <jsimmons at infradead.org>
---
fs/lustre/ptlrpc/pack_generic.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/lustre/ptlrpc/pack_generic.c b/fs/lustre/ptlrpc/pack_generic.c
index 4a0856a..9b28624 100644
--- a/fs/lustre/ptlrpc/pack_generic.c
+++ b/fs/lustre/ptlrpc/pack_generic.c
@@ -712,6 +712,11 @@ char *lustre_msg_string(struct lustre_msg *m, u32 index, u32 max_len)
m, index, blen);
return NULL;
}
+ if (blen > PTLRPC_MAX_BUFLEN) {
+ CERROR("buffer length of msg %p buffer[%d] is invalid(%d)\n",
+ m, index, blen);
+ return NULL;
+ }
if (max_len == 0) {
if (slen != blen - 1) {
--
1.8.3.1
More information about the lustre-devel
mailing list