nfsd: more careful input validation in nfsctl write methods

[firefly-linux-kernel-4.4.55.git] / fs / nfsd / nfsctl.c

diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
index bc22e0b0343ac82aca294cf2509b90a4b7116009..8516137cdbb055ac87d1673c482126d2e670f488 100644 (file)
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -304,6 +304,9 @@ static ssize_t write_filehandle(struct file *file, char *buf, size_t size)
        struct auth_domain *dom;
        struct knfsd_fh fh;
 
+       if (size == 0)
+               return -EINVAL;
+
        if (buf[size-1] != '\n')
                return -EINVAL;
        buf[size-1] = 0;
@@ -663,7 +666,7 @@ static ssize_t write_recoverydir(struct file *file, char *buf, size_t size)
        char *recdir;
        int len, status;
 
-       if (size > PATH_MAX || buf[size-1] != '\n')
+       if (size == 0 || size > PATH_MAX || buf[size-1] != '\n')
                return -EINVAL;
        buf[size-1] = 0;