SAFE public projects git trees. - safe/jmp/linux-2.6/commit

author	Chuck Lever <chuck.lever@oracle.com>
	Thu, 23 Apr 2009 23:31:25 +0000 (19:31 -0400)
committer	J. Bruce Fields <bfields@citi.umich.edu>
	Tue, 28 Apr 2009 17:54:25 +0000 (13:54 -0400)
commit	abc5c44d6284fab8fb21bcfc52c0f16f980637df
tree	98825098d3f6488a1a8fb55ec40131313b1d25e9	tree \| snapshot
parent	dcf1a3573eae69937fb14462369c4d3e6f4a37f1	commit \| diff

SUNRPC: Fix error return value of svc_addr_len()

The svc_addr_len() helper function returns -EAFNOSUPPORT if it doesn't
recognize the address family of the passed-in socket address.  However,
the return type of this function is size_t, which means -EAFNOSUPPORT
is turned into a very large positive value in this case.

The check in svc_udp_recvfrom() to see if the return value is less
than zero therefore won't work at all.

Additionally, handle_connect_req() passes this value directly to
memset().  This could cause memset() to clobber a large chunk of memory
if svc_addr_len() has returned an error.  Currently the address family
of these addresses, however, is known to be supported long before
handle_connect_req() is called, so this isn't a real risk.

Change the error return value of svc_addr_len() to zero, which fits in
the range of size_t, and is safer to pass to memset() directly.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>

include/linux/sunrpc/svc_xprt.h		diff \| blob \| history
net/sunrpc/svcsock.c		diff \| blob \| history