LU-12613 ptlrpc: check buffer length in lustre_msg_string()

Check buffer length in lustre_msg_string() in case of any invalid
access.

Lustre-change: https://review.whamcloud.com/35932
Lustre-commit: 728c58d60faef288eb7d05d8809fa2b1a55ade89

Change-Id: I286000db16384938a594bd8d104e5f3d0fff585a
Reported-by: Alibaba Cloud <yunye.ry@alibaba-inc.com>
Signed-off-by: Emoly Liu <emoly@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Hongchao Zhang <hongchao@whamcloud.com>
Reviewed-by: Yunye Ry <yunye.ry@alibaba-inc.com>
Signed-off-by: Minh Diep <mdiep@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/36209
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

diff --git a/lustre/ptlrpc/pack_generic.c b/lustre/ptlrpc/pack_generic.c
index 787a608..ec93e42 100644 (file)
--- a/lustre/ptlrpc/pack_generic.c
+++ b/lustre/ptlrpc/pack_generic.c
@@ -772,6 +772,11 @@ char *lustre_msg_string(struct lustre_msg *m, __u32 index, __u32 max_len)
                         "msg %p buffer[%d] len %d\n", m, index, blen);
                 return NULL;
         }
+       if (blen > PTLRPC_MAX_BUFLEN) {
+               CERROR("buffer length of msg %p buffer[%d] is invalid(%d)\n",
+                      m, index, blen);
+               return NULL;
+       }
 
         if (max_len == 0) {
                 if (slen != blen - 1) {