git: 3fe2c68ba20f - main - nfsclient: fix panic in cache_enter_time()
Konstantin Belousov
kostikbel at gmail.com
Sun Feb 28 02:29:58 UTC 2021
On Sun, Feb 28, 2021 at 01:56:43AM +0000, Rick Macklem wrote:
> The branch main has been updated by rmacklem:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=3fe2c68ba20fb3365ef91e0b85f88237b5369f38
>
> commit 3fe2c68ba20fb3365ef91e0b85f88237b5369f38
> Author: Rick Macklem <rmacklem at FreeBSD.org>
> AuthorDate: 2021-02-28 01:54:05 +0000
> Commit: Rick Macklem <rmacklem at FreeBSD.org>
> CommitDate: 2021-02-28 01:54:05 +0000
>
> nfsclient: fix panic in cache_enter_time()
>
> Juraj Lutter (otis@) reported a panic "dvp != vp not true" in
> cache_enter_time() called from the NFS client's nfsrpc_readdirplus()
> function.
> This is specific to an NFSv3 mount with the "rdirplus" mount
> option. Unlike NFSv4, NFSv3 replies to ReaddirPlus
> includes entries for the current directory.
Should we check cache_enterXXX() args for other places, like lookup,
as well? Malicious or buggy server could return the vp == dvp even for
case other than dot.
BTW, for some cases, dotdot can result in dvp == vp as well.
More information about the dev-commits-src-all
mailing list