aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorChuck Lever <chuck.lever@oracle.com>2009-03-18 20:45:28 -0400
committerTrond Myklebust <Trond.Myklebust@netapp.com>2009-03-28 15:52:08 -0400
commit776bd5c7a207de546918f805090bfc823d2660c8 (patch)
treebf99838d1e073b8caee80bd79027d69892585d5c /net
parent7fe5c398fc2186ed586db11106a6692d871d0d58 (diff)
SUNRPC: Don't flag empty RPCB_GETADDR reply as bogus
In 2007, commit e65fe3976f594603ed7b1b4a99d3e9b867f573ea added additional sanity checking to rpcb_decode_getaddr() to make sure we were getting a reply that was long enough to be an actual universal address. If the uaddr string isn't long enough, the XDR decoder returns EIO. However, an empty string is a valid RPCB_GETADDR response if the requested service isn't registered. Moreover, "::.n.m" is also a valid RPCB_GETADDR response for IPv6 addresses that is shorter than rpcb_decode_getaddr()'s lower limit of 11. So this sanity check introduced a regression for rpcbind requests against IPv6 remotes. So revert the lower bound check added by commit e65fe3976f594603ed7b1b4a99d3e9b867f573ea, and add an explicit check for an empty uaddr string, similar to libtirpc's rpcb_getaddr(3). Pointed-out-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net')
-rw-r--r--net/sunrpc/rpcb_clnt.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/net/sunrpc/rpcb_clnt.c b/net/sunrpc/rpcb_clnt.c
index 03ae007641e4..2caa7edeeaba 100644
--- a/net/sunrpc/rpcb_clnt.c
+++ b/net/sunrpc/rpcb_clnt.c
@@ -703,11 +703,16 @@ static int rpcb_decode_getaddr(struct rpc_rqst *req, __be32 *p,
703 *portp = 0; 703 *portp = 0;
704 addr_len = ntohl(*p++); 704 addr_len = ntohl(*p++);
705 705
706 if (addr_len == 0) {
707 dprintk("RPC: rpcb_decode_getaddr: "
708 "service is not registered\n");
709 return 0;
710 }
711
706 /* 712 /*
707 * Simple sanity check. The smallest possible universal 713 * Simple sanity check.
708 * address is an IPv4 address string containing 11 bytes.
709 */ 714 */
710 if (addr_len < 11 || addr_len > RPCBIND_MAXUADDRLEN) 715 if (addr_len > RPCBIND_MAXUADDRLEN)
711 goto out_err; 716 goto out_err;
712 717
713 /* 718 /*