Range check the statsVersion argument of the GetStatisitics64 RPC to
avoid a buffer overflow in the fileserver, or a huge memory allocation,
by a rogue client.
FIXES 131803
Change-Id: Ib084ca28cbe350d846fa5978d489e523aaae299b
if ((code = CallPreamble(acall, NOTACTIVECALL, NULL, &tcon, &thost)))
goto Bad_GetStatistics64;
+ if (statsVersion != STATS64_VERSION) {
+ code = EINVAL;
+ goto Bad_GetStatistics64;
+ }
+
ViceLog(1, ("SAFS_GetStatistics64 Received\n"));
Statistics->ViceStatistics64_val =
malloc(statsVersion*sizeof(afs_uint64));