diff options
author | NeilBrown <neilb@cse.unsw.edu.au> | 2005-11-07 01:00:26 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-11-07 07:53:48 -0800 |
commit | 0ba7536d5d47e4ecf2259a80b207158dc4e711eb (patch) | |
tree | 0e8528e65f25b9992cfad43e74018a0986f46c38 /include/linux/nfsd | |
parent | 70c3b76c28b012452d63bb27f6d0517afb05d86f (diff) | |
download | op-kernel-dev-0ba7536d5d47e4ecf2259a80b207158dc4e711eb.zip op-kernel-dev-0ba7536d5d47e4ecf2259a80b207158dc4e711eb.tar.gz |
[PATCH] knfsd: Fix some minor sign problems in nfsd/xdr
There are a couple of tests which could possibly be confused by extremely
large numbers appearing in 'xdr' packets. I think the closest to an exploit
you could get would be writing random data from a free page into a file - i.e.
leak data out of kernel space.
I'm fairly sure they cannot be used for remote compromise.
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'include/linux/nfsd')
-rw-r--r-- | include/linux/nfsd/xdr3.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/nfsd/xdr3.h b/include/linux/nfsd/xdr3.h index 21e18ce..3c2a71b 100644 --- a/include/linux/nfsd/xdr3.h +++ b/include/linux/nfsd/xdr3.h @@ -42,7 +42,7 @@ struct nfsd3_writeargs { __u64 offset; __u32 count; int stable; - int len; + __u32 len; struct kvec vec[RPCSVC_MAXPAGES]; int vlen; }; |