From 8644f90a75281c8f678e2c3b93531857b9f3fa1f Mon Sep 17 00:00:00 2001 From: Andrew Deason Date: Thu, 17 Dec 2009 14:59:44 -0600 Subject: [PATCH] Do not trust FetchData length from fileservers Currently the Unix CM implicitly trusts that the length from a FetchData request from a fileserver will always be less than the requested length. If the fileserver sends more data than requested, we can use up more cache space than we intended, possibly exceeding the cacheinfo cache limits. Add a check for this, and return EIO to the caller if the fileserver responds with too much data. Reviewed-on: http://gerrit.openafs.org/996 Tested-by: Andrew Deason Reviewed-by: Derrick Brashear Tested-by: Derrick Brashear (cherry picked from commit c7b92a3018044f7aca4d9a77644e5c06ef64d1e9) Change-Id: Ibbbc989cfb6522bb7d3c3003d31931549812d18e Reviewed-on: http://gerrit.openafs.org/1002 Reviewed-by: Derrick Brashear Tested-by: Derrick Brashear --- src/afs/afs_dcache.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/afs/afs_dcache.c b/src/afs/afs_dcache.c index 1ee51e6d5..f99191073 100644 --- a/src/afs/afs_dcache.c +++ b/src/afs/afs_dcache.c @@ -2208,6 +2208,20 @@ afs_GetDCache(register struct vcache *avc, afs_size_t abyte, } } #endif /* AFS_64BIT_CLIENT */ + + if (length > size) { + /* The fileserver told us it is going to send more data + * than we requested. It shouldn't do that, and + * accepting that much data can make us take up more + * cache space than we're supposed to, so error. */ + code = rx_Error(tcall); + RX_AFS_GUNLOCK(); + code1 = rx_EndCall(tcall, code); + RX_AFS_GLOCK(); + tcall = (struct rx_call *)0; + code = EIO; + } + if (code == 0) { #ifndef AFS_NOSTATS -- 2.39.5