> -----Original Message-----
> From: linux-nfs-ow...@vger.kernel.org [mailto:linux-nfs-
> ow...@vger.kernel.org] On Behalf Of Sven Wegener
> Sent: Wednesday, December 12, 2012 6:15 PM
> To: Myklebust, Trond
> Cc: linux-...@vger.kernel.org; linux-kernel@vger.kernel.org
> Subject: [PATCH] NFSv4: Check for buffer length in
> __nfs4_get_acl_uncached
>
> Commit 1f1ea6c "NFSv4: Fix buffer overflow checking in
> __nfs4_get_acl_uncached" accidently dropped the checking for too small
> result buffer length.
>
> If someone uses getxattr on "system.nfs4_acl" on an NFSv4 mount
> supporting ACLs, the ACL has not been cached and the buffer suplied is too
> short, we still copy the complete ACL, resulting in kernel and user space
> memory corruption.
>
> Signed-off-by: Sven Wegener <sven.wege...@stealer.net>
> Cc: sta...@kernel.org
> ---
> fs/nfs/nfs4proc.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> Resending, because it did not get any response.
Sorry. I've already applied it to the nfs-for-next branch on git.linux-nfs.org,
so it should go in during this merge window.
Cheers
Trond
N�����r��y����b�X��ǧv�^�){.n�+����{����zX�����ܨ}���Ơz�&j:+v��������zZ+��+zf���h���~����i���z���w���?�����&�)ߢ�f��^jǫy�m��@A�a���
�0��h����i
