[pnfs] [PATCH 1/2] Fixed record length check in xs_tcp_read_fraghdr

Tue Apr 17 23:35:45 EDT 2007

From: Rahul Iyer <iyer at netapp.com>

Fixed the record length check in xs_tcp_read_fraghdr as per Benny's comments.
The earlier check was for the record length being at least 4 bytes, which means
only the xid was being checked. Since we're now extracting the call/reply
header too, we need to check for that length too, hence the number 8.

Signed-off-by: Rahul Iyer <iyer at netapp.com>
---
 net/sunrpc/xprtsock.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
index a2083dc..72cde3a 100644
--- a/net/sunrpc/xprtsock.c
+++ b/net/sunrpc/xprtsock.c
@@ -604,7 +604,7 @@ static inline void xs_tcp_read_fraghdr(struct rpc_xprt *xprt, skb_reader_t *desc
 	xprt->tcp_offset = 0;
 
 	/* Sanity check of the record length */
-	if (unlikely(xprt->tcp_reclen < 4)) {
+	if (unlikely(xprt->tcp_reclen < 8)) {
 		dprintk("RPC:      invalid TCP record fragment length\n");
 		xprt_disconnect(xprt);
 		return;
-- 
1.5.0.2
