Non init'ed "nd" in svc_export_parse() ?
J. Bruce Fields
bfields at fieldses.org
Thu Jul 5 10:28:53 EDT 2007
On Thu, Jul 05, 2007 at 04:07:41PM +0200, Zoltan Menyhart wrote:
> There is a "struct nameidata nd" allocated on the call frame of
> svc_export_parse().
> Only "nd.dentry" is initialized to NULL before calling
> path_lookup(buf, 0, &nd).
> I had a look at the other places where path_lookup() is called.
> Apparently svc_export_parse() does not initialize some fields
> which are init'ed elsewhere, before calling path_lookup(), e.g.
> "nd.intent.*".
> Should these fields not be init'ed to some reasonable value?
It's probably only nfs that cares about that being set here, and nfsd
doesn't export nfs.
But, hm, we don't check for that case here. And the lookup could still
traverse an nfs filesystem even if it doesn't end up on one. So maybe
you could produce some kind of crash by attempting to export a path that
crosses an NFSv4 filesystem. Sounds like it'd be worth looking at more
carefully.
--b.
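
A userspace model of the initialization concern raised in this thread, added here as an example; it is not kernel code and not code from either poster. The struct layout, the "/nfs/" component check and the poison byte are simplifying assumptions used to contrast setting only nd.dentry with zeroing the whole structure before the lookup.

```c
#include <stddef.h>
#include <string.h>

/* Simplified userspace stand-ins (assumed for this example) for the
 * kernel structures named in the thread; only the fields needed here. */
struct open_intent { int flags; int create_mode; };
struct nameidata_model {
    const void *dentry;
    unsigned int flags;
    union { struct open_intent open; } intent;
};

#define STACK_POISON 0xA5 /* constructed stand-in for leftover stack bytes */

/* Hypothetical lookup: a path component named "nfs" models a filesystem
 * whose lookup code reads the intent. What it read is stored in *seen. */
static int model_path_lookup(const char *path, struct nameidata_model *nd,
                             int *seen)
{
    *seen = 0;
    if (strstr(path, "/nfs/") != NULL)
        *seen = nd->intent.open.flags; /* consumer of nd.intent.* */
    nd->dentry = path;
    return 0;
}

/* Caller pattern described in the thread: only nd.dentry is set. */
int lookup_partial_init(const char *path)
{
    struct nameidata_model nd;
    int seen;
    memset(&nd, STACK_POISON, sizeof(nd)); /* model stale stack contents */
    nd.dentry = NULL;
    model_path_lookup(path, &nd, &seen);
    return seen; /* stale bytes if the path crossed the "nfs" component */
}

/* Hardened caller: zero the whole structure before the lookup. */
int lookup_full_init(const char *path)
{
    struct nameidata_model nd;
    int seen;
    memset(&nd, 0, sizeof(nd));
    model_path_lookup(path, &nd, &seen);
    return seen; /* always a defined value */
}
```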