This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Increase limits on xdr_ requests
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: pfrankli at redhat dot com
- Cc: libc-alpha at sourceware dot org, "Carlos O'Donell" <codonell at redhat dot com>
- Date: Thu, 30 May 2013 16:14:41 -0400
- Subject: Re: [PATCH] Increase limits on xdr_ requests
- References: <51A7AD72 dot 5070201 at redhat dot com>
On 05/30/2013 03:50 PM, Patsy Franklin wrote:
> A previous patch to set reasonable limits on xdr_
> requests proved too restrictive for some users.
>
> This patch increases limits on xdr_ requests based on
> user feedback.
It was in 2.17 when we reduced the limits down to the YP* values.
Therefore this is a publicly visible change in behaviour and
as such requires you to:
(a) File a bug in sourceware.org/bugzilla against the glibc component.
> 2013-05-30 Patsy Franklin <pfrankli@redhat.com>
(b) Add "\t[BZ #XXXX]" here.
(c) Close the bug once you check this, and make sure to update NEWS
with the fixed bug number.
> * nis/yp_xdr.c (XDRMAXNAME): Define.
> (XDRMAXRECORD): Define.
> (xdr_domainname): Use XDRMAXNAME.
> (xdr_mapname): Likewise.
> (xdr_peername): Likewise.
> (xdr_keydat): Use XDRMAXRECORD.
> (xdr_valdat): Likewise.
The rest of the patch looks good to me.
> yp_xdr.patch
>
>
> diff --git a/nis/yp_xdr.c b/nis/yp_xdr.c
> index 4188506..e67652f 100644
> --- a/nis/yp_xdr.c
> +++ b/nis/yp_xdr.c
> @@ -32,6 +32,14 @@
> #include <rpcsvc/yp.h>
> #include <rpcsvc/ypclnt.h>
>
> +/* The NIS v2 protocol suggests 1024 bytes as a maximum length of all fields.
> + Current Linux systems don't use this limit. To remain compatible with
> + recent Linux systems we choose limits large enough to load large key and
> + data values, but small enough to not pose a DoS threat. */
> +
> +#define XDRMAXNAME 1024
> +#define XDRMAXRECORD (16 * 1024 * 1024)
> +
> bool_t
> xdr_ypstat (XDR *xdrs, ypstat *objp)
> {
> @@ -49,21 +57,21 @@ libnsl_hidden_def (xdr_ypxfrstat)
> bool_t
> xdr_domainname (XDR *xdrs, domainname *objp)
> {
> - return xdr_string (xdrs, objp, YPMAXDOMAIN);
> + return xdr_string (xdrs, objp, XDRMAXNAME);
> }
> libnsl_hidden_def (xdr_domainname)
>
> bool_t
> xdr_mapname (XDR *xdrs, mapname *objp)
> {
> - return xdr_string (xdrs, objp, YPMAXMAP);
> + return xdr_string (xdrs, objp, XDRMAXNAME);
> }
> libnsl_hidden_def (xdr_mapname)
>
> bool_t
> xdr_peername (XDR *xdrs, peername *objp)
> {
> - return xdr_string (xdrs, objp, YPMAXPEER);
> + return xdr_string (xdrs, objp, XDRMAXNAME);
> }
> libnsl_hidden_def (xdr_peername)
>
> @@ -71,7 +79,7 @@ bool_t
> xdr_keydat (XDR *xdrs, keydat *objp)
> {
> return xdr_bytes (xdrs, (char **) &objp->keydat_val,
> - (u_int *) &objp->keydat_len, YPMAXRECORD);
> + (u_int *) &objp->keydat_len, XDRMAXRECORD);
> }
> libnsl_hidden_def (xdr_keydat)
>
> @@ -79,7 +87,7 @@ bool_t
> xdr_valdat (XDR *xdrs, valdat *objp)
> {
> return xdr_bytes (xdrs, (char **) &objp->valdat_val,
> - (u_int *) &objp->valdat_len, YPMAXRECORD);
> + (u_int *) &objp->valdat_len, XDRMAXRECORD);
> }
> libnsl_hidden_def (xdr_valdat)
>
Cheers,
CArlos.