STABLE14-viced-store-data-validate-input-20060408

The old StoreData RPC is only supposed to be valid for files
smaller than 2GB.  When StoreData64 was added, StoreData and StoreData64
were implemented as calls to common_StoreData64.  This removed the bounds
checking on the old StoreData RPC making it possible for operations
beyond two 2GB to be requested even if the file server cannot support
them.  This patch adds a validity check to ensure that the requested
file operations remain below 2GB.  Failures return E2BIG.

(cherry picked from commit 9817af2a81eded29eeefcf8ef4445301a7d348ea)

diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c
index 5d2b84bca628a12a497643d1b8dd1f2e5912d776..47c7e79486ebcfde3e04327c6694f8a0a4b75106 100644 (file)
--- a/src/viced/afsfileprocs.c
+++ b/src/viced/afsfileprocs.c
@@ -3179,6 +3179,10 @@ SRXAFS_StoreData(struct rx_call * acall, struct AFSFid * Fid,
                 afs_uint32 Length, afs_uint32 FileLength,
                 struct AFSFetchStatus * OutStatus, struct AFSVolSync * Sync)
 {
+    if (FileLength > 0x7fffffff || Pos > 0x7fffffff || 
+       (0x7fffffff - Pos) < Length)
+        return EFBIG;
+
     return common_StoreData64(acall, Fid, InStatus, Pos, Length, FileLength,
                              OutStatus, Sync);
 }                              /*SRXAFS_StoreData */