Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 16 Feb 2017 06:34:21 +0000 (UTC)
From:      Konstantin Belousov <kib@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r313799 - head/sys/fs/nfsclient
Message-ID:  <201702160634.v1G6YL7T066733@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: kib
Date: Thu Feb 16 06:34:20 2017
New Revision: 313799
URL: https://svnweb.freebsd.org/changeset/base/313799

Log:
  Do not allocate char[MNAMELEN] on stack in nfsclient.
  
  Right now this is not critical, but will be after planned increase of
  MNAMELEN from 88 to 1k.
  
  Reported and tested by:	pho
  Sponsored by:	The FreeBSD Foundation
  MFC after:	1 week

Modified:
  head/sys/fs/nfsclient/nfs_clvfsops.c

Modified: head/sys/fs/nfsclient/nfs_clvfsops.c
==============================================================================
--- head/sys/fs/nfsclient/nfs_clvfsops.c	Thu Feb 16 06:32:39 2017	(r313798)
+++ head/sys/fs/nfsclient/nfs_clvfsops.c	Thu Feb 16 06:34:20 2017	(r313799)
@@ -749,8 +749,7 @@ static int
 nfs_mount_parse_from(struct vfsoptlist *opts, char **hostnamep,
     struct sockaddr_in **sinp, char *dirpath, size_t dirpathsize, int *dirlenp)
 {
-	char nam[MNAMELEN + 1];
-	char *delimp, *hostp, *spec;
+	char *nam, *delimp, *hostp, *spec;
 	int error, have_bracket = 0, offset, rv, speclen;
 	struct sockaddr_in *sin;
 	size_t len;
@@ -758,6 +757,7 @@ nfs_mount_parse_from(struct vfsoptlist *
 	error = vfs_getopt(opts, "from", (void **)&spec, &speclen);
 	if (error != 0)
 		return (error);
+	nam = malloc(MNAMELEN + 1, M_TEMP, M_WAITOK);
 
 	/*
 	 * This part comes from sbin/mount_nfs/mount_nfs.c:getnfsargs().
@@ -776,6 +776,7 @@ nfs_mount_parse_from(struct vfsoptlist *
 		hostp = delimp + 1;
 	} else {
 		printf("%s: no <host>:<dirpath> nfs-name\n", __func__);
+		free(nam, M_TEMP);
 		return (EINVAL);
 	}
 	*delimp = '\0';
@@ -791,6 +792,7 @@ nfs_mount_parse_from(struct vfsoptlist *
 		spec[speclen - 1] = '\0';
 	if (strlen(hostp) + strlen(spec) + 1 > MNAMELEN) {
 		printf("%s: %s:%s: name too long", __func__, hostp, spec);
+		free(nam, M_TEMP);
 		return (EINVAL);
 	}
 	/* Make both '@' and ':' notations equal */
@@ -816,6 +818,7 @@ nfs_mount_parse_from(struct vfsoptlist *
 	if (rv != 1) {
 		printf("%s: cannot parse '%s', inet_pton() returned %d\n",
 		    __func__, hostp, rv);
+		free(nam, M_TEMP);
 		free(sin, M_SONAME);
 		return (EINVAL);
 	}
@@ -832,6 +835,7 @@ nfs_mount_parse_from(struct vfsoptlist *
 	strlcpy(dirpath, spec, dirpathsize);
 	*dirlenp = strlen(dirpath);
 
+	free(nam, M_TEMP);
 	return (0);
 }
 
@@ -874,7 +878,7 @@ nfs_mount(struct mount *mp)
 	struct sockaddr *nam = NULL;
 	struct vnode *vp;
 	struct thread *td;
-	char hst[MNAMELEN];
+	char *hst;
 	u_char nfh[NFSX_FHMAX], krbname[100], dirpath[100], srvkrbname[100];
 	char *cp, *opt, *name, *secname;
 	int nametimeo = NFS_DEFAULT_NAMETIMEO;
@@ -886,6 +890,7 @@ nfs_mount(struct mount *mp)
 
 	has_nfs_args_opt = 0;
 	has_nfs_from_opt = 0;
+	hst = malloc(MNAMELEN, M_TEMP, M_WAITOK);
 	if (vfs_filteropt(mp->mnt_optnew, nfs_opts)) {
 		error = EINVAL;
 		goto out;
@@ -1324,6 +1329,7 @@ out:
 			mp->mnt_kern_flag |= MNTK_NULL_NOCACHE;
 		MNT_IUNLOCK(mp);
 	}
+	free(hst, M_TEMP);
 	return (error);
 }
 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201702160634.v1G6YL7T066733>