
Commit 7cdafe6

amir73iljankara
authored andcommitted
exportfs: check for error return value from exportfs_encode_*()
The exportfs_encode_*() helpers call the filesystem ->encode_fh() method which returns a signed int. All the in-tree implementations of ->encode_fh() return a positive integer and FILEID_INVALID (255) for error. Fortify the callers for possible future ->encode_fh() implementation that will return a negative error value. name_to_handle_at() would propagate the returned error to the users if filesystem ->encode_fh() method returns an error. Reported-by: Dan Carpenter <[email protected]> Link: https://lore.kernel.org/linux-fsdevel/[email protected]/ Signed-off-by: Amir Goldstein <[email protected]> Reviewed-by: Jeff Layton <[email protected]> Signed-off-by: Jan Kara <[email protected]> Message-Id: <[email protected]>
1 parent a95aef6 commit 7cdafe6


3 files changed

+7
-4
lines changed


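--- a/fs/fhandle.c
+++ b/fs/fhandle.c
@@ -57,18 +57,19 @@ static long do_sys_name_to_handle(const struct path *path,
 handle_bytes = handle_dwords * sizeof(u32);
 handle->handle_bytes = handle_bytes;
 if ((handle->handle_bytes > f_handle.handle_bytes) ||
-(retval == FILEID_INVALID) || (retval == -ENOSPC)) {
+(retval == FILEID_INVALID) || (retval < 0)) {
 /* As per old exportfs_encode_fh documentation
 * we could return ENOSPC to indicate overflow
 * But file system returned 255 always. So handle
 * both the values
 */
+if (retval == FILEID_INVALID || retval == -ENOSPC)
+retval = -EOVERFLOW;
 /*
 * set the handle size to zero so we copy only
 * non variable part of the file_handle
 */
 handle_bytes = 0;
-retval = -EOVERFLOW;
 } else
 retval = 0;
 /* copy the mount id */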
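Review bot: The overflow branch can now be left with a non-negative `retval` when it is entered only because `handle->handle_bytes > f_handle.handle_bytes`, since the unconditional `retval = -EOVERFLOW;` was removed and the new inner check covers only `FILEID_INVALID` and `-ENOSPC`. Whether any ->encode_fh() can report a larger size together with a valid type is not visible here, but if one does, the file-id type would presumably be returned to the caller of name_to_handle_at() instead of an error. Mapping every non-error result in this branch keeps the old behaviour while still propagating other negative errors: `if (retval >= 0 || retval == -ENOSPC) retval = -EOVERFLOW;`. do_sys_name_to_handle starts and ends outside the hunk, so the final return path should be confirmed against the full function.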

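--- a/fs/nfsd/nfsfh.c
+++ b/fs/nfsd/nfsfh.c
@@ -416,9 +416,11 @@ static void _fh_update(struct svc_fh *fhp, struct svc_export *exp,
 int maxsize = (fhp->fh_maxsize - fhp->fh_handle.fh_size)/4;
 int fh_flags = (exp->ex_flags & NFSEXP_NOSUBTREECHECK) ? 0 :
 EXPORT_FH_CONNECTABLE;
+int fileid_type =
+exportfs_encode_fh(dentry, fid, &maxsize, fh_flags);
 
 fhp->fh_handle.fh_fileid_type =
-exportfs_encode_fh(dentry, fid, &maxsize, fh_flags);
+fileid_type > 0 ? fileid_type : FILEID_INVALID;
 fhp->fh_handle.fh_size += maxsize * 4;
 } else {
 fhp->fh_handle.fh_fileid_type = FILEID_ROOT;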
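Review bot: `fhp->fh_handle.fh_size += maxsize * 4;` still runs when the encode failed, so the handle size is advanced by whatever the failing ->encode_fh() left in `maxsize`. If an implementation writes the required (larger) length back on failure, as the size comparison in the fs/fhandle.c hunk suggests some do, `fh_size` could end up past `fh_maxsize` unless the caller discards the handle on `FILEID_INVALID`, which is outside this hunk. Guarding the update would make that independent of the caller: `if (fileid_type > 0) fhp->fh_handle.fh_size += maxsize * 4;`. A short comment noting that a zero or negative return is deliberately folded into `FILEID_INVALID`, and that the errno is dropped because _fh_update returns void, would also help.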

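--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c
@@ -445,7 +445,7 @@ static int fanotify_encode_fh(struct fanotify_fh *fh, struct inode *inode,
 dwords = fh_len >> 2;
 type = exportfs_encode_fid(inode, buf, &dwords);
 err = -EINVAL;
-if (!type || type == FILEID_INVALID || fh_len != dwords << 2)
+if (type <= 0 || type == FILEID_INVALID || fh_len != dwords << 2)
 goto out_err;
 
 fh->type = type;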
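Review bot: A negative errno from exportfs_encode_fid() is now caught by `type <= 0`, but it is then reported as the preset `err = -EINVAL`, so the original failure reason is lost on this path. The commit message says name_to_handle_at() propagates the filesystem's error; doing the same here would be `err = type < 0 ? type : -EINVAL;` in place of the plain assignment before the check. fanotify_encode_fh continues outside the hunk, so how `out_err` uses `err` is not visible and should be checked before changing it.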
