nfs_clrpcops.c: Check for too large a write reply
ClosedPublic
Actions

Authored by rmacklem on Oct 26 2025, 8:52 PM.

Details

Reviewers

emaste
markj

Commits

rG2c82cdd2e29f: nfs_clrpcops.c: Check for too large a write reply

Summary

The "rlen" reply length for a Write operation/RPC
could cause trouble if a broken server replies with
too large a value.

Improve the sanity check for "rlen" to avoid this.

Test Plan

Tested only for a non-bogus NFS server.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

rmacklem created this revision.Oct 26 2025, 8:52 PM

Herald added a subscriber: imp. · View Herald TranscriptOct 26 2025, 8:52 PM

rmacklem requested review of this revision.Oct 26 2025, 8:52 PM

There is a similar pattern in nfsrpc_writeds(). Does that need to be fixed too?

Add the same fix to nfsrpc_writeds().

In D53368#1218929, @markj wrote:

There is a similar pattern in nfsrpc_writeds(). Does that need to be fixed too?

Yep, good catch! Might as well fix them both.

markj accepted this revision.Oct 27 2025, 2:09 PM

This revision is now accepted and ready to land.Oct 27 2025, 2:09 PM

emaste accepted this revision.Oct 27 2025, 2:10 PM

Closed by commit rG2c82cdd2e29f: nfs_clrpcops.c: Check for too large a write reply (authored by rmacklem). · Explain WhyOct 27 2025, 2:52 PM

This revision was automatically updated to reflect the committed changes.

rmacklem added a commit: rG2c82cdd2e29f: nfs_clrpcops.c: Check for too large a write reply.

Revision Contents
Changeset List

Path

Size

sys/

fs/

nfsclient/

nfs_clrpcops.c

4 lines

Diff 165145

View Options

sys/fs/nfsclient/nfs_clrpcops.c

nfs_clrpcops.c: Check for too large a write replyClosedPublicActions