Project

General

Profile

Bug #6217

nfsauth_cache_get() should allocate/free maxlen for addr, not len

Added by Marcel Telka about 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Low
Assignee:
Category:
nfs - NFS server and client
Start date:
2015-09-10
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
needs-triage

Description

The nfsauth_cache_get() does this:

838    claddr = svc_getrpccaller(req->rq_xprt);
839    addr = *claddr;
840    addr.buf = kmem_alloc(addr.len, KM_SLEEP);

and this:

1227
1228    kmem_free(addr.buf, addr.len);
1229

(and similarly at some other places).

Properly, the maxlen (instead of len) should be used there.

Fortunately, the current implementation is harmless now, but to avoid confusion for future it would be nice to have this fixed.

History

#1

Updated by Marcel Telka about 4 years ago

An example of the proper netbuf allocation/free could be seen in t_kalloc() and t_kfree().

#2

Updated by Marcel Telka about 4 years ago

  • Status changed from In Progress to Pending RTI
#3

Updated by Electric Monk about 4 years ago

  • Status changed from Pending RTI to Closed
  • % Done changed from 0 to 100

git commit 7bbfa3ee1f517d6d5762f10047886094cea843a1

commit  7bbfa3ee1f517d6d5762f10047886094cea843a1
Author: Marcel Telka <marcel.telka@nexenta.com>
Date:   2015-09-14T18:04:04.000Z

    6217 nfsauth_cache_get() should allocate/free maxlen for addr, not len
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

Also available in: Atom PDF