summaryrefslogtreecommitdiffstats
path: root/xlators/protocol/server
diff options
context:
space:
mode:
authorAmar Tumballi <amar@gluster.com>2010-07-23 03:13:19 +0000
committerAnand V. Avati <avati@dev.gluster.com>2010-07-23 04:28:49 -0700
commit9c2753d1bee735cb74968106c7ce8ca1460504c6 (patch)
tree56aad940b0a6edde276b633e331f15d622e2c0a1 /xlators/protocol/server
parentb12d471100bd7ade9b3a6c0d917e0416f1b62e9b (diff)
handle some NULL dereference in server protocol
which can happen due to un authenticated clients sending requests. Signed-off-by: Amar Tumballi <amar@gluster.com> Signed-off-by: Anand V. Avati <avati@dev.gluster.com> BUG: 1195 (crash in protocol server due to unauthenticated fop request..) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1195
Diffstat (limited to 'xlators/protocol/server')
-rw-r--r--xlators/protocol/server/src/server-helpers.c7
-rw-r--r--xlators/protocol/server/src/server3_1-fops.c209
2 files changed, 210 insertions, 6 deletions
diff --git a/xlators/protocol/server/src/server-helpers.c b/xlators/protocol/server/src/server-helpers.c
index 216204a8b..37418ac1d 100644
--- a/xlators/protocol/server/src/server-helpers.c
+++ b/xlators/protocol/server/src/server-helpers.c
@@ -742,10 +742,15 @@ server_alloc_frame (rpcsvc_request_t *req)
server_connection_t *conn = NULL;
GF_VALIDATE_OR_GOTO("server", req, out);
+ GF_VALIDATE_OR_GOTO("server", req->conn, out);
+ GF_VALIDATE_OR_GOTO("server", req->conn->trans, out);
+ GF_VALIDATE_OR_GOTO("server", req->conn->svc, out);
+ GF_VALIDATE_OR_GOTO("server", req->conn->svc->ctx, out);
conn = (server_connection_t *)req->conn->trans->xl_private;
if (!conn)
goto out;
+
frame = create_frame (conn->this, req->conn->svc->ctx->pool);
GF_VALIDATE_OR_GOTO("server", frame, out);
@@ -753,7 +758,7 @@ server_alloc_frame (rpcsvc_request_t *req)
GF_VALIDATE_OR_GOTO("server", state, out);
if (conn->bound_xl)
- state->itable = conn->bound_xl->itable;
+ state->itable = conn->bound_xl->itable;
state->xprt = req->conn->trans;
state->conn = conn;
diff --git a/xlators/protocol/server/src/server3_1-fops.c b/xlators/protocol/server/src/server3_1-fops.c
index 1b7741766..d100f5fde 100644
--- a/xlators/protocol/server/src/server3_1-fops.c
+++ b/xlators/protocol/server/src/server3_1-fops.c
@@ -2683,13 +2683,17 @@ server_stat (rpcsvc_request_t *req)
frame->root->op = GF_FOP_STAT;
state = CALL_STATE (frame);
- {
- state->resolve.type = RESOLVE_MUST;
- state->resolve.ino = args.ino;
- state->resolve.gen = args.gen;
- state->resolve.path = gf_strdup (args.path);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
}
+ state->resolve.type = RESOLVE_MUST;
+ state->resolve.ino = args.ino;
+ state->resolve.gen = args.gen;
+ state->resolve.path = gf_strdup (args.path);
+
resolve_and_resume (frame, server_stat_resume);
out:
return 0;
@@ -2724,6 +2728,11 @@ server_setattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_SETATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.ino = args.ino;
@@ -2764,6 +2773,11 @@ server_fsetattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FSETATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -2805,6 +2819,11 @@ server_readlink (rpcsvc_request_t *req)
frame->root->op = GF_FOP_READLINK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.ino = args.ino;
@@ -2852,6 +2871,11 @@ server_create (rpcsvc_request_t *req)
frame->root->op = GF_FOP_CREATE;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_NOT;
state->resolve.par = args.par;
@@ -2895,6 +2919,11 @@ server_open (rpcsvc_request_t *req)
frame->root->op = GF_FOP_OPEN;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.ino = args.ino;
@@ -2934,6 +2963,11 @@ server_readv (rpcsvc_request_t *req)
frame->root->op = GF_FOP_READ;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -2981,6 +3015,11 @@ server_writev_vec (rpcsvc_request_t *req, struct iobuf *iobuf)
frame->root->op = GF_FOP_WRITE;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3072,6 +3111,11 @@ server_fsync (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FSYNC;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3109,6 +3153,11 @@ server_flush (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FLUSH;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3145,6 +3194,11 @@ server_ftruncate (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FTRUNCATE;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3181,6 +3235,11 @@ server_fstat (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FSTAT;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3218,6 +3277,11 @@ server_truncate (rpcsvc_request_t *req)
frame->root->op = GF_FOP_TRUNCATE;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.path);
@@ -3262,6 +3326,11 @@ server_unlink (rpcsvc_request_t *req)
frame->root->op = GF_FOP_UNLINK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.par = args.par;
@@ -3311,6 +3380,11 @@ server_setxattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_SETXATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.path);
@@ -3389,6 +3463,11 @@ server_fsetxattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FSETXATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3462,6 +3541,11 @@ server_fxattrop (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FXATTROP;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3541,6 +3625,11 @@ server_xattrop (rpcsvc_request_t *req)
frame->root->op = GF_FOP_XATTROP;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.path);
@@ -3615,6 +3704,11 @@ server_getxattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_GETXATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.path);
@@ -3660,6 +3754,11 @@ server_fgetxattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FGETXATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3706,6 +3805,11 @@ server_removexattr (rpcsvc_request_t *req)
frame->root->op = GF_FOP_REMOVEXATTR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.path);
@@ -3749,6 +3853,11 @@ server_opendir (rpcsvc_request_t *req)
frame->root->op = GF_FOP_OPENDIR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.path);
@@ -3789,6 +3898,11 @@ server_readdirp (rpcsvc_request_t *req)
frame->root->op = GF_FOP_READDIRP;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3828,6 +3942,11 @@ server_readdir (rpcsvc_request_t *req)
frame->root->op = GF_FOP_READDIR;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3867,6 +3986,11 @@ server_fsyncdir (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FSYNCDIR;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.fd_no = args.fd;
@@ -3911,6 +4035,11 @@ server_mknod (rpcsvc_request_t *req)
frame->root->op = GF_FOP_MKNOD;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_NOT;
state->resolve.par = args.par;
@@ -3959,6 +4088,11 @@ server_mkdir (rpcsvc_request_t *req)
frame->root->op = GF_FOP_MKDIR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_NOT;
state->resolve.par = args.par;
@@ -4006,6 +4140,11 @@ server_rmdir (rpcsvc_request_t *req)
frame->root->op = GF_FOP_RMDIR;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.par = args.par;
@@ -4053,6 +4192,11 @@ server_inodelk (rpcsvc_request_t *req)
frame->root->op = GF_FOP_INODELK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_EXACT;
state->resolve.ino = args.ino;
@@ -4124,6 +4268,11 @@ server_finodelk (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FINODELK;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_EXACT;
state->volume = gf_strdup (args.volume);
@@ -4199,6 +4348,11 @@ server_entrylk (rpcsvc_request_t *req)
frame->root->op = GF_FOP_ENTRYLK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_EXACT;
state->resolve.path = gf_strdup (args.path);
@@ -4249,6 +4403,11 @@ server_fentrylk (rpcsvc_request_t *req)
frame->root->op = GF_FOP_FENTRYLK;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_EXACT;
state->resolve.fd_no = args.fd;
@@ -4294,6 +4453,11 @@ server_access (rpcsvc_request_t *req)
frame->root->op = GF_FOP_ACCESS;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.ino = args.ino;
@@ -4342,6 +4506,11 @@ server_symlink (rpcsvc_request_t *req)
frame->root->op = GF_FOP_SYMLINK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_NOT;
state->resolve.par = args.par;
@@ -4392,6 +4561,11 @@ server_link (rpcsvc_request_t *req)
frame->root->op = GF_FOP_LINK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.oldpath);
@@ -4446,6 +4620,11 @@ server_rename (rpcsvc_request_t *req)
frame->root->op = GF_FOP_RENAME;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.path = gf_strdup (args.oldpath);
@@ -4492,6 +4671,11 @@ server_lk (rpcsvc_request_t *req)
frame->root->op = GF_FOP_LK;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.fd_no = args.fd;
state->cmd = args.cmd;
@@ -4563,6 +4747,11 @@ server_rchecksum (rpcsvc_request_t *req)
frame->root->op = GF_FOP_RCHECKSUM;
state = CALL_STATE(frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MAY;
state->resolve.fd_no = args.fd;
@@ -4631,6 +4820,11 @@ server_lookup (rpcsvc_request_t *req)
*/
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.ino = args.ino;
if (state->resolve.ino != 1)
state->resolve.ino = 0;
@@ -4719,6 +4913,11 @@ server_statfs (rpcsvc_request_t *req)
frame->root->op = GF_FOP_STATFS;
state = CALL_STATE (frame);
+ if (!state->conn->bound_xl) {
+ /* auth failure, request on subvolume without setvolume */
+ req->rpc_err = GARBAGE_ARGS;
+ goto out;
+ }
state->resolve.type = RESOLVE_MUST;
state->resolve.ino = args.ino;