• Chuck Lever's avatar
    SUNRPC: Fix error return value of svc_addr_len() · abc5c44d
    Chuck Lever authored
    The svc_addr_len() helper function returns -EAFNOSUPPORT if it doesn't
    recognize the address family of the passed-in socket address.  However,
    the return type of this function is size_t, which means -EAFNOSUPPORT
    is turned into a very large positive value in this case.
    
    The check in svc_udp_recvfrom() to see if the return value is less
    than zero therefore won't work at all.
    
    Additionally, handle_connect_req() passes this value directly to
    memset().  This could cause memset() to clobber a large chunk of memory
    if svc_addr_len() has returned an error.  Currently the address family
    of these addresses, however, is known to be supported long before
    handle_connect_req() is called, so this isn't a real risk.
    
    Change the error return value of svc_addr_len() to zero, which fits in
    the range of size_t, and is safer to pass to memset() directly.
    Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
    Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
    abc5c44d
svcsock.c 33.9 KB