Date: Tue, 20 Nov 2018 01:56:34 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r340662 - head/sys/fs/nfs Message-ID: <201811200156.wAK1uY8S028223@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rmacklem Date: Tue Nov 20 01:56:34 2018 New Revision: 340662 URL: https://svnweb.freebsd.org/changeset/base/340662 Log: nfsm_advance() would panic() when the offs argument was negative. The code assumed that this would indicate a corrupted mbuf chain, but it could simply be caused by bogus RPC message data. This patch replaces the panic() with a printf() plus error return. MFC after: 1 week Modified: head/sys/fs/nfs/nfs_commonsubs.c Modified: head/sys/fs/nfs/nfs_commonsubs.c ============================================================================== --- head/sys/fs/nfs/nfs_commonsubs.c Tue Nov 20 01:52:45 2018 (r340661) +++ head/sys/fs/nfs/nfs_commonsubs.c Tue Nov 20 01:56:34 2018 (r340662) @@ -725,10 +725,14 @@ nfsm_advance(struct nfsrv_descript *nd, int offs, int if (offs == 0) goto out; /* - * A negative offs should be considered a serious problem. + * A negative offs might indicate a corrupted mbuf chain and, + * as such, a printf is logged. */ - if (offs < 0) - panic("nfsrv_advance"); + if (offs < 0) { + printf("nfsrv_advance: negative offs\n"); + error = EBADRPC; + goto out; + } /* * If left == -1, calculate it here.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201811200156.wAK1uY8S028223>