2)
AcceptedPublic
Actions

Authored by olce on Tue, Oct 7, 5:14 PM.

Details

Reviewers

rmacklem
dfr

Summary

Consistently with the XDR_INLINE() variant of xdr_authunix_parms()
(_svcauth_unix() in 'svc_auth_unix.c'), reject messages with credentials
having a machine name length in excess of AUTH_SYS_MAX_HOSTNAME or more
than AUTH_SYS_MAX_GROUPS supplementary groups, which do not conform to
RFC 5531. This is done mainly because we cannot store excess groups
anyway, even if at odds with the robustness principle ("be liberal in
what you accept").

Fixes: dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
Sponsored by: The FreeBSD Foundation

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 67620
Build 64503: arc lint + arc unit

Event Timeline

olce created this revision.Tue, Oct 7, 5:14 PM

Herald added a subscriber: imp. · View Herald TranscriptTue, Oct 7, 5:14 PM

olce requested review of this revision.Tue, Oct 7, 5:14 PM

Harbormaster completed remote builds in B67620: Diff 163713.Tue, Oct 7, 5:14 PM

olce added a parent revision: D52961: sys/rpc: Define AUTH_SYS_MAX_{GROUPS,HOSTNAME}.Tue, Oct 7, 5:24 PM

olce added a child revision: D52963: sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (2/2).

olce added a reviewer: dfr.

Looks ok to me. You can decide whether or not to add the
KASSERT for x_op != XDR_FREE?

sys/rpc/authunix_prot.c
64	These xdr functions usually have a case where xdrs->x_op is XDR_FREE. Maybe adding a KASSERT to check that x_op != XDR_FREE might be useful?

This revision is now accepted and ready to land.Fri, Oct 10, 10:29 PM

Revision Contents
Changeset List

Path

Size

sys/

rpc/

authunix_prot.c

33 lines

Diff 163713

View Options

sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (1/2)AcceptedPublicActions