nfs_commonsubs.c: Add a sanity check for nid_ngroup
ClosedPublic
Actions

Authored by rmacklem on Tue, Oct 28, 12:29 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Thu, Oct 30, 9:17 AM

	Unknown Object (File)
	Thu, Oct 30, 9:17 AM

	Unknown Object (File)
	Thu, Oct 30, 9:17 AM

	Unknown Object (File)
	Thu, Oct 30, 12:46 AM

	Unknown Object (File)
	Tue, Oct 28, 5:30 PM

	Unknown Object (File)
	Tue, Oct 28, 5:24 PM

	Unknown Object (File)
	Tue, Oct 28, 5:20 PM

	Unknown Object (File)
	Tue, Oct 28, 5:20 PM

View All 15 Files

Subscribers

imp

Details

Reviewers

emaste
markj

Commits

rG4672adcea4cf: nfs_commonsubs.c: Add a sanity check for nid_ngroup

Summary

The nfsuserd(8) daemon passes user credentials
(uid + gids) into the kernel for users and groups
identified by name (received from a NFSv4 server).

This patch add a sanity check for the number of
groups (nid_ngroup) passed in.

It's only purpose is to protect against a bogus
nfsuserd(8) running in a jail.

Test Plan

Only tested for a valid working nfsuserd(8) daemon.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

rmacklem created this revision.Tue, Oct 28, 12:29 AM

Herald added a subscriber: imp. · View Herald TranscriptTue, Oct 28, 12:29 AM

rmacklem requested review of this revision.Tue, Oct 28, 12:29 AM

markj accepted this revision.Tue, Oct 28, 1:10 PM

This revision is now accepted and ready to land.Tue, Oct 28, 1:10 PM

Closed by commit rG4672adcea4cf: nfs_commonsubs.c: Add a sanity check for nid_ngroup (authored by rmacklem). · Explain WhyTue, Oct 28, 2:47 PM

This revision was automatically updated to reflect the committed changes.

rmacklem added a commit: rG4672adcea4cf: nfs_commonsubs.c: Add a sanity check for nid_ngroup.

Revision Contents
Changeset List

Path

Size

sys/

fs/

nfs/

nfs_commonsubs.c

13 lines

Diff 165214

View Options

sys/fs/nfs/nfs_commonsubs.c

nfs_commonsubs.c: Add a sanity check for nid_ngroupClosedPublicActions