LU-12604 mdt: check field size of sec context name

In request received from client, check that claimed size of
RMF_FILE_SECCTX_NAME field is consistent with expected content,
which is supposed to be an extended attribute name.

Test-Parameters: clientselinux testlist=sanity,recovery-small,sanity-selinux envdefinitions=SANITY_EXCEPT="271f"
Reported-by: Alibaba Cloud <yunye.ry@alibaba-inc.com>
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Ice96f0e03f790b334fcdf64ae4becef2e39738f4
Reviewed-on: https://review.whamcloud.com/35655
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Patrick Farrell <pfarrell@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

diff --git a/lustre/mdt/mdt_lib.c b/lustre/mdt/mdt_lib.c
index a970511..a09997d 100644 (file)
--- a/lustre/mdt/mdt_lib.c
+++ b/lustre/mdt/mdt_lib.c
@@ -1068,6 +1068,9 @@ static int mdt_file_secctx_unpack(struct req_capsule *pill,
        if (name_size == 0)
                return 0;
 
+       if (name_size > XATTR_NAME_MAX + 1)
+               return -EPROTO;
+
        name = req_capsule_client_get(pill, &RMF_FILE_SECCTX_NAME);
        if (strnlen(name, name_size) != name_size - 1)
                return -EPROTO;