From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933565Ab3BLTtN (ORCPT ); Tue, 12 Feb 2013 14:49:13 -0500 Received: from mail.tpi.com ([70.99.223.143]:1384 "EHLO mail.tpi.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933153Ab3BLTtM (ORCPT ); Tue, 12 Feb 2013 14:49:12 -0500 From: Tim Gardner To: linux-kernel@vger.kernel.org Cc: Tim Gardner , Trond Myklebust , "J. Bruce Fields" , linux-nfs@vger.kernel.org Subject: [PATCH linux-next] lockd: nlmsvc_mark_resources(): avoid stack overflow Date: Tue, 12 Feb 2013 12:48:58 -0700 Message-Id: <1360698538-63040-1-git-send-email-tim.gardner@canonical.com> X-Mailer: git-send-email 1.7.9.5 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Dynamically allocate the NLM host structure in order to avoid stack overflow. nlmsvc_mark_resources() is several call levels deep in a stack that has a number of large variables. 512 bytes seems like a lot on the stack at this point. smatch analysis: fs/lockd/svcsubs.c:366 nlmsvc_mark_resources() warn: 'hint' puts 512 bytes on stack Cc: Trond Myklebust Cc: "J. Bruce Fields" Cc: linux-nfs@vger.kernel.org Signed-off-by: Tim Gardner --- fs/lockd/svcsubs.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/fs/lockd/svcsubs.c b/fs/lockd/svcsubs.c index b904f41..f3abb7f 100644 --- a/fs/lockd/svcsubs.c +++ b/fs/lockd/svcsubs.c @@ -363,11 +363,15 @@ nlmsvc_is_client(void *data, struct nlm_host *dummy) void nlmsvc_mark_resources(struct net *net) { - struct nlm_host hint; + struct nlm_host *hint = kzalloc(sizeof(*hint), GFP_KERNEL); - dprintk("lockd: nlmsvc_mark_resources for net %p\n", net); - hint.net = net; - nlm_traverse_files(&hint, nlmsvc_mark_host, NULL); + if (hint) { + dprintk("lockd: nlmsvc_mark_resources for net %p\n", net); + hint->net = net; + nlm_traverse_files(hint, nlmsvc_mark_host, NULL); + } + + kfree(hint); } /* -- 1.7.9.5