[NFS-Ganesha-Devel] Re: Tirpc and PORTMAP for communitarian with rpc.statd
On 10/25/18 12:17 AM, Suhrud Patankar wrote:
if (addr->len < sizeof(cu->cu_raddr))
The addr is IPv4 but cu->cu_raddr is IPv6.
We want to copy the addr->buf to cu->cu_raddr but it is failing even
if addr->len is less than sizeof(cu->cu_raddr).
The if() above is buggy.
You are correct. That < should be >, to prevent copying too large an
address in the memcpy(). That line hasn't been touched since the fork,
and this bug is still in tirpc 1.0.2.
If I disable PORTMAP then tirpc uses TCP to connect to statd and
does
not set the addr->len as per IPV4. So the code goes through correctly.
This is the underlying problem. This version of the code is so old
that it never gets tested, because nobody requires UDP instead of TCP.
That's left over from 20 years ago. Better to just remove all the
PORTMAP code entirely. IMnsHO.