From patchwork Mon Jan 17 18:41:50 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jesper Juhl <jj@chaosbits.net>
X-Patchwork-Id: 484241
X-Patchwork-Delegate: Trond.Myklebust@netapp.com
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p0HIfqWL022386
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Mon, 17 Jan 2011 18:41:53 GMT
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752445Ab1AQSlv (ORCPT
	<rfc822;patchwork-linux-nfs@patchwork.kernel.org>);
	Mon, 17 Jan 2011 13:41:51 -0500
Received: from swampdragon.chaosbits.net ([90.184.90.115]:14814 "EHLO
	swampdragon.chaosbits.net" rhost-flags-OK-OK-OK-OK) by
	vger.kernel.org with ESMTP id S1752342Ab1AQSlu (ORCPT
	<rfc822; linux-nfs@vger.kernel.org>); Mon, 17 Jan 2011 13:41:50 -0500
Received: by swampdragon.chaosbits.net (Postfix, from userid 1000)
	id E19F19403D; Mon, 17 Jan 2011 19:41:50 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by swampdragon.chaosbits.net (Postfix) with ESMTP id DEC669403B;
	Mon, 17 Jan 2011 19:41:50 +0100 (CET)
Date: Mon, 17 Jan 2011 19:41:50 +0100 (CET)
From: Jesper Juhl <jj@chaosbits.net>
To: Mi Jinlong <mijinlong@cn.fujitsu.com>
cc: linux-nfs@vger.kernel.org, Trond Myklebust <Trond.Myklebust@netapp.com>,
	linux-kernel@vger.kernel.org, Fred Isaman <iisaman@netapp.com>
Subject: Re: [PATCH] NFS4: Avoid potential NULL pointer dereference in
	decode_and_add_ds().
In-Reply-To: <4D33B30A.8050507@cn.fujitsu.com>
Message-ID: <alpine.LNX.2.00.1101171940480.27021@swampdragon.chaosbits.net>
References: <alpine.LNX.2.00.1101162145290.13377@swampdragon.chaosbits.net>
	<4D33B30A.8050507@cn.fujitsu.com>
User-Agent: Alpine 2.00 (LNX 1167 2008-08-23)
MIME-Version: 1.0
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by
	milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]);
	Mon, 17 Jan 2011 18:42:10 +0000 (UTC)


diff --git a/fs/nfs/nfs4filelayoutdev.c b/fs/nfs/nfs4filelayoutdev.c
index 51fe64a..f5c9b12 100644
--- a/fs/nfs/nfs4filelayoutdev.c
+++ b/fs/nfs/nfs4filelayoutdev.c
@@ -214,7 +214,7 @@ decode_and_add_ds(__be32 **pp, struct inode *inode)
 
 	/* ipv6 length plus port is legal */
 	if (rlen > INET6_ADDRSTRLEN + 8) {
-		dprintk("%s Invalid address, length %d\n", __func__,
+		dprintk("%s: Invalid address, length %d\n", __func__,
 			rlen);
 		goto out_err;
 	}
@@ -225,6 +225,11 @@ decode_and_add_ds(__be32 **pp, struct inode *inode)
 	/* replace the port dots with dashes for the in4_pton() delimiter*/
 	for (i = 0; i < 2; i++) {
 		char *res = strrchr(buf, '.');
+		if (!res) {
+			dprintk("%s: Failed finding expected dots in port\n",
+				__func__);
+			goto out_free;
+		}
 		*res = '-';
 	}
 
@@ -240,7 +245,7 @@ decode_and_add_ds(__be32 **pp, struct inode *inode)
 	port = htons((tmp[0] << 8) | (tmp[1]));
 
 	ds = nfs4_pnfs_ds_add(inode, ip_addr, port);
-	dprintk("%s Decoded address and port %s\n", __func__, buf);
+	dprintk("%s: Decoded address and port %s\n", __func__, buf);
 out_free:
 	kfree(buf);
 out_err: