Date: Mon, 13 Dec 2021 05:30:46 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 260293] big counts in LAYOUTRETURN can cause NFS v4 nfsrv_flexlayouterr() to page-fault Message-ID: <bug-260293-227-ZUFvSPk9rV@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-260293-227@https.bugs.freebsd.org/bugzilla/> References: <bug-260293-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260293 Rick Macklem <rmacklem@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |rmacklem@FreeBSD.org Status|New |Open --- Comment #1 from Rick Macklem <rmacklem@FreeBSD.org> --- Created attachment 230070 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D230070&action= =3Dedit check against maxcnt when parsing a flex file error reply This patch decrements maxcnt by the appropriate number of bytes during parsing and checks to see if there is data remaining. If not, it just returns from nfsrv_flexlayouterr() without further processing. This should fix the crashes. Maybe the reporter can check to confirm that the patch fixes the problem for him? --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-260293-227-ZUFvSPk9rV>