From 9aa2858d447ed543f6fa4d2cc473bf487c739ca4 Mon Sep 17 00:00:00 2001 From: Doug Rabson Date: Tue, 22 Apr 1997 17:38:01 +0000 Subject: [PATCH] Fix broken usage of nm_readdirsize and increase the socket buffers for UDP to prevent possible socket overflows. 2.2 candidate. PR: kern/3304 Reviewed by: Thomas David Rivers --- sys/nfs/nfs_socket.c | 6 +++--- sys/nfs/nfs_vfsops.c | 15 +++++---------- sys/nfsclient/nfs_socket.c | 6 +++--- sys/nfsclient/nfs_vfsops.c | 15 +++++---------- sys/nfsserver/nfs_srvsock.c | 6 +++--- 5 files changed, 19 insertions(+), 29 deletions(-) diff --git a/sys/nfs/nfs_socket.c b/sys/nfs/nfs_socket.c index a584d97479d..86ac106f000 100644 --- a/sys/nfs/nfs_socket.c +++ b/sys/nfs/nfs_socket.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95 - * $Id: nfs_socket.c,v 1.21 1997/02/22 09:42:39 peter Exp $ + * $Id: nfs_socket.c,v 1.22 1997/03/22 06:53:08 bde Exp $ */ /* @@ -270,8 +270,8 @@ nfs_connect(nmp, rep) so->so_snd.sb_timeo = 0; } if (nmp->nm_sotype == SOCK_DGRAM) { - sndreserve = nmp->nm_wsize + NFS_MAXPKTHDR; - rcvreserve = nmp->nm_rsize + NFS_MAXPKTHDR; + sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2; + rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2; } else if (nmp->nm_sotype == SOCK_SEQPACKET) { sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2; rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2; diff --git a/sys/nfs/nfs_vfsops.c b/sys/nfs/nfs_vfsops.c index 84963cf5830..aee1ca29b65 100644 --- a/sys/nfs/nfs_vfsops.c +++ b/sys/nfs/nfs_vfsops.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_vfsops.c 8.12 (Berkeley) 5/20/95 - * $Id: nfs_vfsops.c,v 1.36 1997/03/24 11:33:39 bde Exp $ + * $Id: nfs_vfsops.c,v 1.37 1997/04/04 17:49:30 dfr Exp $ */ #include @@ -302,12 +302,9 @@ nfs_fsinfo(nmp, vp, cred, p) } pref = fxdr_unsigned(u_long, fsp->fs_dtpref); if (pref < nmp->nm_readdirsize) - nmp->nm_readdirsize = (pref + NFS_DIRBLKSIZ - 1) & - ~(NFS_DIRBLKSIZ - 1); + nmp->nm_readdirsize = pref; if (max < nmp->nm_readdirsize) { - nmp->nm_readdirsize = max & ~(NFS_DIRBLKSIZ - 1); - if (nmp->nm_readdirsize == 0) - nmp->nm_readdirsize = max; + nmp->nm_readdirsize = max; } nmp->nm_flag |= NFSMNT_GOTFSINFO; } @@ -741,13 +738,11 @@ mountnfs(argp, mp, nam, pth, hst, vpp) if ((argp->flags & NFSMNT_READDIRSIZE) && argp->readdirsize > 0) { nmp->nm_readdirsize = argp->readdirsize; - /* Round down to multiple of blocksize */ - nmp->nm_readdirsize &= ~(NFS_DIRBLKSIZ - 1); - if (nmp->nm_readdirsize < NFS_DIRBLKSIZ) - nmp->nm_readdirsize = NFS_DIRBLKSIZ; } if (nmp->nm_readdirsize > maxio) nmp->nm_readdirsize = maxio; + if (nmp->nm_readdirsize > nmp->nm_rsize) + nmp->nm_readdirsize = nmp->nm_rsize; if ((argp->flags & NFSMNT_MAXGRPS) && argp->maxgrouplist >= 0 && argp->maxgrouplist <= NFS_MAXGRPS) diff --git a/sys/nfsclient/nfs_socket.c b/sys/nfsclient/nfs_socket.c index a584d97479d..86ac106f000 100644 --- a/sys/nfsclient/nfs_socket.c +++ b/sys/nfsclient/nfs_socket.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95 - * $Id: nfs_socket.c,v 1.21 1997/02/22 09:42:39 peter Exp $ + * $Id: nfs_socket.c,v 1.22 1997/03/22 06:53:08 bde Exp $ */ /* @@ -270,8 +270,8 @@ nfs_connect(nmp, rep) so->so_snd.sb_timeo = 0; } if (nmp->nm_sotype == SOCK_DGRAM) { - sndreserve = nmp->nm_wsize + NFS_MAXPKTHDR; - rcvreserve = nmp->nm_rsize + NFS_MAXPKTHDR; + sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2; + rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2; } else if (nmp->nm_sotype == SOCK_SEQPACKET) { sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2; rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2; diff --git a/sys/nfsclient/nfs_vfsops.c b/sys/nfsclient/nfs_vfsops.c index 84963cf5830..aee1ca29b65 100644 --- a/sys/nfsclient/nfs_vfsops.c +++ b/sys/nfsclient/nfs_vfsops.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_vfsops.c 8.12 (Berkeley) 5/20/95 - * $Id: nfs_vfsops.c,v 1.36 1997/03/24 11:33:39 bde Exp $ + * $Id: nfs_vfsops.c,v 1.37 1997/04/04 17:49:30 dfr Exp $ */ #include @@ -302,12 +302,9 @@ nfs_fsinfo(nmp, vp, cred, p) } pref = fxdr_unsigned(u_long, fsp->fs_dtpref); if (pref < nmp->nm_readdirsize) - nmp->nm_readdirsize = (pref + NFS_DIRBLKSIZ - 1) & - ~(NFS_DIRBLKSIZ - 1); + nmp->nm_readdirsize = pref; if (max < nmp->nm_readdirsize) { - nmp->nm_readdirsize = max & ~(NFS_DIRBLKSIZ - 1); - if (nmp->nm_readdirsize == 0) - nmp->nm_readdirsize = max; + nmp->nm_readdirsize = max; } nmp->nm_flag |= NFSMNT_GOTFSINFO; } @@ -741,13 +738,11 @@ mountnfs(argp, mp, nam, pth, hst, vpp) if ((argp->flags & NFSMNT_READDIRSIZE) && argp->readdirsize > 0) { nmp->nm_readdirsize = argp->readdirsize; - /* Round down to multiple of blocksize */ - nmp->nm_readdirsize &= ~(NFS_DIRBLKSIZ - 1); - if (nmp->nm_readdirsize < NFS_DIRBLKSIZ) - nmp->nm_readdirsize = NFS_DIRBLKSIZ; } if (nmp->nm_readdirsize > maxio) nmp->nm_readdirsize = maxio; + if (nmp->nm_readdirsize > nmp->nm_rsize) + nmp->nm_readdirsize = nmp->nm_rsize; if ((argp->flags & NFSMNT_MAXGRPS) && argp->maxgrouplist >= 0 && argp->maxgrouplist <= NFS_MAXGRPS) diff --git a/sys/nfsserver/nfs_srvsock.c b/sys/nfsserver/nfs_srvsock.c index a584d97479d..86ac106f000 100644 --- a/sys/nfsserver/nfs_srvsock.c +++ b/sys/nfsserver/nfs_srvsock.c @@ -34,7 +34,7 @@ * SUCH DAMAGE. * * @(#)nfs_socket.c 8.5 (Berkeley) 3/30/95 - * $Id: nfs_socket.c,v 1.21 1997/02/22 09:42:39 peter Exp $ + * $Id: nfs_socket.c,v 1.22 1997/03/22 06:53:08 bde Exp $ */ /* @@ -270,8 +270,8 @@ nfs_connect(nmp, rep) so->so_snd.sb_timeo = 0; } if (nmp->nm_sotype == SOCK_DGRAM) { - sndreserve = nmp->nm_wsize + NFS_MAXPKTHDR; - rcvreserve = nmp->nm_rsize + NFS_MAXPKTHDR; + sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2; + rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2; } else if (nmp->nm_sotype == SOCK_SEQPACKET) { sndreserve = (nmp->nm_wsize + NFS_MAXPKTHDR) * 2; rcvreserve = (nmp->nm_rsize + NFS_MAXPKTHDR) * 2;