Avoid beyond bounds copy while caching ACL When attempting to cache ACLs returned from the server, if the bitmap size + the ACL size is greater than a PAGE_SIZE but the ACL size itself is smaller than a PAGE_SIZE, we can read past the buffer page boundary. Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reported-by: Jian Li <jiali@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

commit: 5794d21ef4639f0e33440927bb903f9598c21e92 [log] [tgz]
author: Sachin Prabhu <sprabhu@redhat.com> Tue Apr 17 14:36:40 2012 +0100
committer: Trond Myklebust <Trond.Myklebust@netapp.com> Fri Apr 27 14:09:53 2012 -0400
tree: d4bdbde63624df6e970751f46fd6fe0dacb8718c
parent: 5a00689930ab975fdd1b37b034475017e460cf2a [diff] [blame]
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index 9312dd7..203c096 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c

@@ -4940,7 +4940,7 @@
 				res->acl_len = attrlen;
 				goto out;
 			}
-			dprintk("NFS: acl reply: attrlen %zu > page_len %u\n",
+			dprintk("NFS: acl reply: attrlen %u > page_len %zu\n",
 					attrlen, page_len);
 			return -EINVAL;
 		}
commit	5794d21ef4639f0e33440927bb903f9598c21e92	[log] [tgz]
author	Sachin Prabhu <sprabhu@redhat.com>	Tue Apr 17 14:36:40 2012 +0100
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	Fri Apr 27 14:09:53 2012 -0400
tree	d4bdbde63624df6e970751f46fd6fe0dacb8718c
parent	5a00689930ab975fdd1b37b034475017e460cf2a [diff] [blame]