Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 271431 Details for
Bug 355141
pull upstream patches for smbfs
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
patch 8
0008-BZ-355141-smbfs-fix-calculation-of-size-parameter.patch (text/plain), 1.93 KB, created by
Jeff Layton
on 2007-11-28 15:48:03 UTC
(
hide
)
Description:
patch 8
Filename:
MIME Type:
Creator:
Jeff Layton
Created:
2007-11-28 15:48:03 UTC
Size:
1.93 KB
patch
obsolete
>To: rhkernel-list@redhat.com >From: Jeff Layton <jlayton@redhat.com> >Subject: [RHEL4 PATCH 8/8] BZ#355141: smbfs: fix calculation of size parameter in smb_receive > >(This problem was originally reported by a customer as BZ# 241545) > >smb_receive calls kernel_recvmsg with a size that's the minimum of the >amount of buffer space in the kvec passed in or req->rq_rlen (which >represents the length of the response). This does not take into account >any response data that was read in an earlier pass through smb_receive. > >If the first pass through smb_receive receives some but not all of the >response, then the next pass can call kernel_recvmsg with a size field >that's too big. kernel_recvmsg can overrun into the next response, >throwing off the alignment and making it unrecognizable. > >This causes messages like this to pop up in the ring buffer: > >smb_get_length: Invalid NBT packet, code=69 > >as well as other errors indicating that the response is unrecognizable. >Typically this is seen on a smbfs mount under heavy I/O. > >This patch changes the code to use (req->rq_rlen - req->rq_bytes_recvd) >instead instead of just req->rq_rlen, since that should represent the >amount of unread data in the response. > >Signed-off-by: Jeff Layton <jlayton@redhat.com> >Acked-by: Guenter Kukkukk <linux@kukkukk.com> >--- > fs/smbfs/sock.c | 5 ++--- > 1 files changed, 2 insertions(+), 3 deletions(-) > >diff --git a/fs/smbfs/sock.c b/fs/smbfs/sock.c >index 93f3cd2..61ef091 100644 >--- a/fs/smbfs/sock.c >+++ b/fs/smbfs/sock.c >@@ -330,9 +330,8 @@ smb_receive(struct smb_sb_info *server, struct smb_request *req) > msg.msg_control = NULL; > > /* Dont repeat bytes and count available bufferspace */ >- rlen = smb_move_iov(&p, &num, iov, req->rq_bytes_recvd); >- if (req->rq_rlen < rlen) >- rlen = req->rq_rlen; >+ rlen = min_t(int, smb_move_iov(&p, &num, iov, req->rq_bytes_recvd), >+ (req->rq_rlen - req->rq_bytes_recvd)); > > result = kernel_recvmsg(sock, &msg, p, num, rlen, flags); > >-- >1.5.3.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=271431">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 355141
:
240281
|
240291
|
240301
|
240311
|
240321
|
240331
|
240341
| 271431