viced-store-data-validate-input-20060408

The old StoreData RPC is only supposed to be valid for files
smaller than 2GB.  When StoreData64 was added, StoreData and StoreData64
were implemented as calls to common_StoreData64.  This removed the bounds
checking on the old StoreData RPC making it possible for operations
beyond two 2GB to be requested even if the file server cannot support
them.  This patch adds a validity check to ensure that the requested
file operations remain below 2GB.  Failures return E2BIG.

diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c
index de38173a2cfaf7981cef7962e34671a661988a4b..db687f1888914a9fdad15330d42d1d1b8470f2e0 100644 (file)
--- a/src/viced/afsfileprocs.c
+++ b/src/viced/afsfileprocs.c
@@ -3051,6 +3051,10 @@ SRXAFS_StoreData(struct rx_call * acall, struct AFSFid * Fid,
                 afs_uint32 Length, afs_uint32 FileLength,
                 struct AFSFetchStatus * OutStatus, struct AFSVolSync * Sync)
 {
+    if (FileLength > 0x7fffffff || Pos > 0x7fffffff || 
+       (0x7fffffff - Pos) < Length)
+        return EFBIG;
+
     return common_StoreData64(acall, Fid, InStatus, Pos, Length, FileLength,
                              OutStatus, Sync);
 }                              /*SRXAFS_StoreData */