tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge git://git.samba.org/sfrench/cifs-2.6

* git://git.samba.org/sfrench/cifs-2.6:
cifs: Fix oops in session setup code for null user mounts
[CIFS] Update cifs Kconfig title to match removal of experimental dependency
cifs: fix printk format warnings
cifs: check offset in decode_ntlmssp_challenge()
cifs: NULL dereference on allocation failure

Linus Torvalds 84f8bf38 e25c1733

+15 -14
+2 -2
fs/cifs/Kconfig
··· 139 139 points. If unsure, say N. 140 140 141 141 config CIFS_FSCACHE 142 - bool "Provide CIFS client caching support (EXPERIMENTAL)" 142 + bool "Provide CIFS client caching support" 143 143 depends on CIFS=m && FSCACHE || CIFS=y && FSCACHE=y 144 144 help 145 145 Makes CIFS FS-Cache capable. Say Y here if you want your CIFS data ··· 147 147 manager. If unsure, say N. 148 148 149 149 config CIFS_ACL 150 - bool "Provide CIFS ACL support (EXPERIMENTAL)" 150 + bool "Provide CIFS ACL support" 151 151 depends on CIFS_XATTR && KEYS 152 152 help 153 153 Allows to fetch CIFS/NTFS ACL from the server. The DACL blob
+6 -8
fs/cifs/connect.c
··· 2142 2142 2143 2143 len = delim - payload; 2144 2144 if (len > MAX_USERNAME_SIZE || len <= 0) { 2145 - cFYI(1, "Bad value from username search (len=%ld)", len); 2145 + cFYI(1, "Bad value from username search (len=%zd)", len); 2146 2146 rc = -EINVAL; 2147 2147 goto out_key_put; 2148 2148 } 2149 2149 2150 2150 vol->username = kstrndup(payload, len, GFP_KERNEL); 2151 2151 if (!vol->username) { 2152 - cFYI(1, "Unable to allocate %ld bytes for username", len); 2152 + cFYI(1, "Unable to allocate %zd bytes for username", len); 2153 2153 rc = -ENOMEM; 2154 2154 goto out_key_put; 2155 2155 } ··· 2157 2157 2158 2158 len = key->datalen - (len + 1); 2159 2159 if (len > MAX_PASSWORD_SIZE || len <= 0) { 2160 - cFYI(1, "Bad len for password search (len=%ld)", len); 2160 + cFYI(1, "Bad len for password search (len=%zd)", len); 2161 2161 rc = -EINVAL; 2162 2162 kfree(vol->username); 2163 2163 vol->username = NULL; ··· 2167 2167 ++delim; 2168 2168 vol->password = kstrndup(delim, len, GFP_KERNEL); 2169 2169 if (!vol->password) { 2170 - cFYI(1, "Unable to allocate %ld bytes for password", len); 2170 + cFYI(1, "Unable to allocate %zd bytes for password", len); 2171 2171 rc = -ENOMEM; 2172 2172 kfree(vol->username); 2173 2173 vol->username = NULL; ··· 3857 3857 struct smb_vol *vol_info; 3858 3858 3859 3859 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL); 3860 - if (vol_info == NULL) { 3861 - tcon = ERR_PTR(-ENOMEM); 3862 - goto out; 3863 - } 3860 + if (vol_info == NULL) 3861 + return ERR_PTR(-ENOMEM); 3864 3862 3865 3863 vol_info->local_nls = cifs_sb->local_nls; 3866 3864 vol_info->linux_uid = fsuid;
+7 -4
fs/cifs/sess.c
··· 246 246 /* copy user */ 247 247 /* BB what about null user mounts - check that we do this BB */ 248 248 /* copy user */ 249 - if (ses->user_name != NULL) 249 + if (ses->user_name != NULL) { 250 250 strncpy(bcc_ptr, ses->user_name, MAX_USERNAME_SIZE); 251 + bcc_ptr += strnlen(ses->user_name, MAX_USERNAME_SIZE); 252 + } 251 253 /* else null user mount */ 252 - 253 - bcc_ptr += strnlen(ses->user_name, MAX_USERNAME_SIZE); 254 254 *bcc_ptr = 0; 255 255 bcc_ptr++; /* account for null termination */ 256 256 257 257 /* copy domain */ 258 - 259 258 if (ses->domainName != NULL) { 260 259 strncpy(bcc_ptr, ses->domainName, 256); 261 260 bcc_ptr += strnlen(ses->domainName, 256); ··· 394 395 ses->ntlmssp->server_flags = le32_to_cpu(pblob->NegotiateFlags); 395 396 tioffset = le32_to_cpu(pblob->TargetInfoArray.BufferOffset); 396 397 tilen = le16_to_cpu(pblob->TargetInfoArray.Length); 398 + if (tioffset > blob_len || tioffset + tilen > blob_len) { 399 + cERROR(1, "tioffset + tilen too high %u + %u", tioffset, tilen); 400 + return -EINVAL; 401 + } 397 402 if (tilen) { 398 403 ses->auth_key.response = kmalloc(tilen, GFP_KERNEL); 399 404 if (!ses->auth_key.response) {