Patchwork [3.5.y.z,extended,stable] Patch "NFSv4: Fix the string length returned by the idmapper" has been added to staging queue

mail settings
Submitter Luis Henriques
Date April 1, 2013, 3:04 p.m.
Message ID <>
Download mbox | patch
Permalink /patch/232753/
State New
Headers show


Luis Henriques - April 1, 2013, 3:04 p.m.
This is a note to let you know that I have just added a patch titled

    NFSv4: Fix the string length returned by the idmapper

to the linux-3.5.y-queue branch of the 3.5.y.z extended stable tree 
which can be found at:;a=shortlog;h=refs/heads/linux-3.5.y-queue

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.5.y.z tree, see



From 905c8646bdfebf576494649c0babeff8c8ed9702 Mon Sep 17 00:00:00 2001
From: Trond Myklebust <>
Date: Fri, 8 Mar 2013 12:56:37 -0500
Subject: [PATCH] NFSv4: Fix the string length returned by the idmapper

commit cf4ab538f1516606d3ae730dce15d6f33d96b7e1 upstream.

Functions like nfs_map_uid_to_name() and nfs_map_gid_to_group() are
expected to return a string without any terminating NUL character.
Regression introduced by commit 57e62324e469e092ecc6c94a7a86fe4bd6ac5172
(NFS: Store the legacy idmapper result in the keyring).

Reported-by: Dave Chiluk <>
Signed-off-by: Trond Myklebust <>
Cc: Bryan Schumaker <>
[ luis: backported to 3.5: adjusted context ]
Signed-off-by: Luis Henriques <>
 fs/nfs/idmap.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)



diff --git a/fs/nfs/idmap.c b/fs/nfs/idmap.c
index a0972e9..e4476dc 100644
--- a/fs/nfs/idmap.c
+++ b/fs/nfs/idmap.c
@@ -710,9 +710,9 @@  out1:
 	return ret;

-static int nfs_idmap_instantiate(struct key *key, struct key *authkey, char *data)
+static int nfs_idmap_instantiate(struct key *key, struct key *authkey, char *data, size_t datalen)
-	return key_instantiate_and_link(key, data, strlen(data) + 1,
+	return key_instantiate_and_link(key, data, datalen,
@@ -720,15 +720,18 @@  static int nfs_idmap_instantiate(struct key *key, struct key *authkey, char *dat
 static int nfs_idmap_read_message(struct idmap_msg *im, struct key *key, struct key *authkey)
 	char id_str[NFS_UINT_MAXLEN];
+	size_t len;
 	int ret = -EINVAL;

 	switch (im->im_conv) {
-		sprintf(id_str, "%d", im->im_id);
-		ret = nfs_idmap_instantiate(key, authkey, id_str);
+		/* Note: here we store the NUL terminator too */
+		len = sprintf(id_str, "%d", im->im_id) + 1;
+		ret = nfs_idmap_instantiate(key, authkey, id_str, len);
-		ret = nfs_idmap_instantiate(key, authkey, im->im_name);
+		len = strlen(im->im_name);
+		ret = nfs_idmap_instantiate(key, authkey, im->im_name, len);