| Brad Bishop | 316dfdd | 2018-06-25 12:45:53 -0400 | [diff] [blame] | 1 | From 7c7590ad536c0e24bef790cb1e65702fc54db566 Mon Sep 17 00:00:00 2001 |
| 2 | From: Steve Dickson <steved@redhat.com> |
| 3 | Date: Tue, 30 May 2017 11:27:22 -0400 |
| 4 | Subject: [PATCH] rpcbproc_callit_com: Stop freeing a static pointer |
| 5 | |
| 6 | commit 7ea36ee introduced a svc_freeargs() call |
| 7 | that ended up freeing static pointer. |
| 8 | |
| 9 | It turns out the allocations for the rmt_args |
| 10 | is not necessary . The xdr routines (xdr_bytes) will |
| 11 | handle the memory management and the largest |
| 12 | possible message size is UDPMSGSIZE (due to UDP only) |
| 13 | which is smaller than RPC_BUF_MAX |
| 14 | |
| 15 | Signed-off-by: Steve Dickson <steved@redhat.com> |
| 16 | |
| 17 | Upstream-Status: Backport |
| 18 | |
| 19 | Signed-off-by: Jackie Huang <jackie.huang@windriver.com> |
| 20 | --- |
| 21 | src/rpcb_svc_com.c | 39 ++++++--------------------------------- |
| 22 | 1 file changed, 6 insertions(+), 33 deletions(-) |
| 23 | |
| 24 | diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c |
| 25 | index cb63afd..1fc2229 100644 |
| 26 | --- a/src/rpcb_svc_com.c |
| 27 | +++ b/src/rpcb_svc_com.c |
| 28 | @@ -612,9 +612,9 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, |
| 29 | struct netconfig *nconf; |
| 30 | struct netbuf *caller; |
| 31 | struct r_rmtcall_args a; |
| 32 | - char *buf_alloc = NULL, *outbufp; |
| 33 | + char *outbufp; |
| 34 | char *outbuf_alloc = NULL; |
| 35 | - char buf[RPC_BUF_MAX], outbuf[RPC_BUF_MAX]; |
| 36 | + char outbuf[RPC_BUF_MAX]; |
| 37 | struct netbuf *na = (struct netbuf *) NULL; |
| 38 | struct rpc_msg call_msg; |
| 39 | int outlen; |
| 40 | @@ -635,36 +635,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, |
| 41 | } |
| 42 | if (si.si_socktype != SOCK_DGRAM) |
| 43 | return; /* Only datagram type accepted */ |
| 44 | - sendsz = __rpc_get_t_size(si.si_af, si.si_proto, UDPMSGSIZE); |
| 45 | - if (sendsz == 0) { /* data transfer not supported */ |
| 46 | - if (reply_type == RPCBPROC_INDIRECT) |
| 47 | - svcerr_systemerr(transp); |
| 48 | - return; |
| 49 | - } |
| 50 | - /* |
| 51 | - * Should be multiple of 4 for XDR. |
| 52 | - */ |
| 53 | - sendsz = ((sendsz + 3) / 4) * 4; |
| 54 | - if (sendsz > RPC_BUF_MAX) { |
| 55 | -#ifdef notyet |
| 56 | - buf_alloc = alloca(sendsz); /* not in IDR2? */ |
| 57 | -#else |
| 58 | - buf_alloc = malloc(sendsz); |
| 59 | -#endif /* notyet */ |
| 60 | - if (buf_alloc == NULL) { |
| 61 | - if (debugging) |
| 62 | - xlog(LOG_DEBUG, |
| 63 | - "rpcbproc_callit_com: No Memory!\n"); |
| 64 | - if (reply_type == RPCBPROC_INDIRECT) |
| 65 | - svcerr_systemerr(transp); |
| 66 | - return; |
| 67 | - } |
| 68 | - a.rmt_args.args = buf_alloc; |
| 69 | - } else { |
| 70 | - a.rmt_args.args = buf; |
| 71 | - } |
| 72 | + sendsz = UDPMSGSIZE; |
| 73 | |
| 74 | call_msg.rm_xid = 0; /* For error checking purposes */ |
| 75 | + memset(&a, 0, sizeof(a)); /* Zero out the input buffer */ |
| 76 | if (!svc_getargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) { |
| 77 | if (reply_type == RPCBPROC_INDIRECT) |
| 78 | svcerr_decode(transp); |
| 79 | @@ -704,7 +678,8 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp, |
| 80 | if (rbl == (rpcblist_ptr)NULL) { |
| 81 | #ifdef RPCBIND_DEBUG |
| 82 | if (debugging) |
| 83 | - xlog(LOG_DEBUG, "not found\n"); |
| 84 | + xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n", |
| 85 | + a.rmt_prog, a.rmt_vers); |
| 86 | #endif |
| 87 | if (reply_type == RPCBPROC_INDIRECT) |
| 88 | svcerr_noprog(transp); |
| 89 | @@ -937,8 +912,6 @@ out: |
| 90 | } |
| 91 | if (local_uaddr) |
| 92 | free(local_uaddr); |
| 93 | - if (buf_alloc) |
| 94 | - free(buf_alloc); |
| 95 | if (outbuf_alloc) |
| 96 | free(outbuf_alloc); |
| 97 | if (na) { |
| 98 | -- |
| 99 | 2.7.4 |
| 100 | |