NFSD: fix bad length checking for backchannel

the length for backchannel checking should be multiplied by sizeof(__be32). Signed-off-by: Kinglong Mee <kinglongmee@gmail.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
author: Kinglong Mee <kinglongmee@gmail.com> 2013-12-23 18:11:02 +0800
committer: J. Bruce Fields <bfields@redhat.com> 2014-01-03 18:18:48 -0500
commit: 8a891633b832874e2a1545abbddfd33ba22eb016 (patch)
tree: 75b8b43cc63a659d1e3ea803cf404c900924910a /fs/nfsd
parent: f403e450e85cd403b63fd163d29b6b7f5e8eaf77 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index 9a6d088247fd..acb95026ae3b 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -1853,6 +1853,11 @@ static __be32 check_forechannel_attrs(struct nfsd4_channel_attrs *ca, struct nfs
 	return nfs_ok;
 }
 
+#define NFSD_CB_MAX_REQ_SZ	((NFS4_enc_cb_recall_sz + \
+				 RPC_MAX_HEADER_WITH_AUTH) * sizeof(__be32))
+#define NFSD_CB_MAX_RESP_SZ	((NFS4_dec_cb_recall_sz + \
+				 RPC_MAX_REPHEADER_WITH_AUTH) * sizeof(__be32))
+
 static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
 {
 	ca->headerpadsz = 0;
@@ -1863,9 +1868,9 @@ static __be32 check_backchannel_attrs(struct nfsd4_channel_attrs *ca)
 	 * less than 1k.  Tighten up this estimate in the unlikely event
 	 * it turns out to be a problem for some client:
 	 */
-	if (ca->maxreq_sz < NFS4_enc_cb_recall_sz + RPC_MAX_HEADER_WITH_AUTH)
+	if (ca->maxreq_sz < NFSD_CB_MAX_REQ_SZ)
 		return nfserr_toosmall;
-	if (ca->maxresp_sz < NFS4_dec_cb_recall_sz + RPC_MAX_REPHEADER_WITH_AUTH)
+	if (ca->maxresp_sz < NFSD_CB_MAX_RESP_SZ)
 		return nfserr_toosmall;
 	ca->maxresp_cached = 0;
 	if (ca->maxops < 2)
author	Kinglong Mee <kinglongmee@gmail.com>	2013-12-23 18:11:02 +0800
committer	J. Bruce Fields <bfields@redhat.com>	2014-01-03 18:18:48 -0500
commit	8a891633b832874e2a1545abbddfd33ba22eb016 (patch)
tree	75b8b43cc63a659d1e3ea803cf404c900924910a /fs/nfsd
parent	f403e450e85cd403b63fd163d29b6b7f5e8eaf77 (diff)