git.openpandora.org / pandora-kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
nfsd: stricter decoding of write-like NFSv2/v3 ops
[pandora-kernel.git] / fs / nfsd / nfsxdr.c
diff --git a/fs/nfsd/nfsxdr.c b/fs/nfsd/nfsxdr.c
index 5ca1561..830f29b 100644 (file)
--- a/fs/nfsd/nfsxdr.c
+++ b/fs/nfsd/nfsxdr.c
@@ -298,6 +298,8 @@ nfssvc_decode_writeargs(struct svc_rqst *rqstp, __be32 *p,
         * bytes.
         */
        hdr = (void*)p - head->iov_base;
+       if (hdr > head->iov_len)
+               return 0;
        dlen = head->iov_len + rqstp->rq_arg.page_len - hdr;
 
        /*
Pandora Kernel Repository