NFS: Fix bad checking of max taglen in callback request

author Kinglong Mee <kinglongmee@gmail.com>

Thu, 24 Sep 2015 12:58:16 +0000 (20:58 +0800)

committer Trond Myklebust <trond.myklebust@primarydata.com>

Wed, 21 Oct 2015 20:49:23 +0000 (15:49 -0500)
author Kinglong Mee <kinglongmee@gmail.com>
Thu, 24 Sep 2015 12:58:16 +0000 (20:58 +0800)
committer Trond Myklebust <trond.myklebust@primarydata.com>
Wed, 21 Oct 2015 20:49:23 +0000 (15:49 -0500)
diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c

index 9f0f0f646eaf0d11789339cbb782650cb37c018a..4ad39fe203f7c957fa6df73ce8268b0d683e0127 100644 (file)
--- a/fs/nfs/callback_xdr.c
+++ b/fs/nfs/callback_xdr.c
@@ -159,7 +159,7 @@ static __be32 decode_compound_hdr_arg(struct xdr_stream *xdr, struct cb_compound
         if (unlikely(status != 0))
                 return status;
         /* We do not like overly long tags! */
-       if (hdr->taglen > CB_OP_TAGLEN_MAXSZ - 12) {
+       if (hdr->taglen > CB_OP_TAGLEN_MAXSZ) {
                 printk("NFS: NFSv4 CALLBACK %s: client sent tag of length %u\n",
                                 __func__, hdr->taglen);
                 return htonl(NFS4ERR_RESOURCE);
author	Kinglong Mee <kinglongmee@gmail.com>
	Thu, 24 Sep 2015 12:58:16 +0000 (20:58 +0800)
committer	Trond Myklebust <trond.myklebust@primarydata.com>
	Wed, 21 Oct 2015 20:49:23 +0000 (15:49 -0500)