From owner-svn-src-user@FreeBSD.ORG Wed Oct 15 14:32:43 2008 Return-Path: Delivered-To: svn-src-user@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C2CCC1065693; Wed, 15 Oct 2008 14:32:43 +0000 (UTC) (envelope-from netchild@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id B0C6C8FC15; Wed, 15 Oct 2008 14:32:43 +0000 (UTC) (envelope-from netchild@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id m9FEWhqI035911; Wed, 15 Oct 2008 14:32:43 GMT (envelope-from netchild@svn.freebsd.org) Received: (from netchild@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id m9FEWhUr035909; Wed, 15 Oct 2008 14:32:43 GMT (envelope-from netchild@svn.freebsd.org) Message-Id: <200810151432.m9FEWhUr035909@svn.freebsd.org> From: Alexander Leidinger Date: Wed, 15 Oct 2008 14:32:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-user@freebsd.org X-SVN-Group: user MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r183914 - in user/netchild/coverity/src/sys: nfsclient nfsserver X-BeenThere: svn-src-user@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the experimental " user" src tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Oct 2008 14:32:43 -0000 Author: netchild Date: Wed Oct 15 14:32:43 2008 New Revision: 183914 URL: http://svn.freebsd.org/changeset/base/183914 Log: Fixes (probably) for CID 1076 and 1528. Found by: Coverity Prevent Modified: user/netchild/coverity/src/sys/nfsclient/nfs_subs.c user/netchild/coverity/src/sys/nfsserver/nfs_serv.c Modified: user/netchild/coverity/src/sys/nfsclient/nfs_subs.c ============================================================================== --- user/netchild/coverity/src/sys/nfsclient/nfs_subs.c Wed Oct 15 14:29:35 2008 (r183913) +++ user/netchild/coverity/src/sys/nfsclient/nfs_subs.c Wed Oct 15 14:32:43 2008 (r183914) @@ -980,8 +980,12 @@ nfsm_mtofh_xx(struct vnode *d, struct vn return EBADRPC; if (*f) *f = fxdr_unsigned(int, *tl); - else if (fxdr_unsigned(int, *tl)) - nfsm_adv_xx(NFSX_V3FATTR, md, dpos); + else if (fxdr_unsigned(int, *tl)) { + /* XXX: CID 1076, NFSM_ADV() can be used instead too */ + t1 = nfsm_adv_xx(NFSX_V3FATTR, md, dpos); + if (t1 != 0) + return EBADRPC; + } } if (*f) { ttvp = *v; Modified: user/netchild/coverity/src/sys/nfsserver/nfs_serv.c ============================================================================== --- user/netchild/coverity/src/sys/nfsserver/nfs_serv.c Wed Oct 15 14:29:35 2008 (r183913) +++ user/netchild/coverity/src/sys/nfsserver/nfs_serv.c Wed Oct 15 14:32:43 2008 (r183914) @@ -4062,7 +4062,14 @@ nfsrv_fsinfo(struct nfsrv_descript *nfsd } /* XXX Try to make a guess on the max file size. */ - VFS_STATFS(vp->v_mount, &sb, curthread); + error = VFS_STATFS(vp->v_mount, &sb, curthread); + if (error) { + /* XXX: CID 1528 */ + nfsm_reply(NFSX_UNSIGNED); + nfsm_srvpostop_attr(getret, &at); + error = 0; + goto nfsmout; + } maxfsize = (u_quad_t)0x80000000 * sb.f_bsize - 1; getret = VOP_GETATTR(vp, &at, cred);