Path: news.gmane.org!not-for-mail
From: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Newsgroups: gmane.linux.kernel.cifs
Subject: [PATCH] cifs: mask off top byte in get_rfc1002_length()
Date: Tue, 25 Feb 2014 05:27:17 -0800
Lines: 31
Approved: news@gmane.org
Message-ID: <1393334837-6480-1-git-send-email-jlayton@redhat.com>
NNTP-Posting-Host: plane.gmane.org
X-Trace: ger.gmane.org 1393334843 15695 80.91.229.3 (25 Feb 2014 13:27:23 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Tue, 25 Feb 2014 13:27:23 +0000 (UTC)
Cc: klaus-jjkdzbv0JQgAvxtiuMwx3w@public.gmane.org, sprabhu-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org, linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
To: smfrench-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
Original-X-From: linux-cifs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org Tue Feb 25 14:27:30 2014
Return-path: <linux-cifs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Envelope-to: glkc-linux-cifs-wOFGN7rlS/M9smdsby/KFg@public.gmane.org
Original-Received: from vger.kernel.org ([209.132.180.67])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <linux-cifs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>)
	id 1WII2h-0005Fo-GS
	for glkc-linux-cifs-wOFGN7rlS/M9smdsby/KFg@public.gmane.org; Tue, 25 Feb 2014 14:27:27 +0100
Original-Received: (majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org) by vger.kernel.org via listexpand
	id S1752439AbaBYN10 (ORCPT <rfc822;glkc-linux-cifs@m.gmane.org>);
	Tue, 25 Feb 2014 08:27:26 -0500
Original-Received: from mail-pa0-f41.google.com ([209.85.220.41]:49339 "EHLO
	mail-pa0-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752329AbaBYN10 (ORCPT
	<rfc822;linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>); Tue, 25 Feb 2014 08:27:26 -0500
Original-Received: by mail-pa0-f41.google.com with SMTP id fa1so8081181pad.14
        for <linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>; Tue, 25 Feb 2014 05:27:25 -0800 (PST)
X-Received: by 10.69.31.65 with SMTP id kk1mr6563795pbd.47.1393334845726;
        Tue, 25 Feb 2014 05:27:25 -0800 (PST)
Original-Received: from corrin.poochiereds.net.cthon.org (64-71-23-226.static.wiline.com. [64.71.23.226])
        by mx.google.com with ESMTPSA id eb5sm143431078pad.22.2014.02.25.05.27.24
        for <multiple recipients>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 25 Feb 2014 05:27:25 -0800 (PST)
X-Mailer: git-send-email 1.8.5.3
Original-Sender: linux-cifs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Precedence: bulk
List-ID: <linux-cifs.vger.kernel.org>
X-Mailing-List: linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Xref: news.gmane.org gmane.linux.kernel.cifs:9419
Archived-At: <http://permalink.gmane.org/gmane.linux.kernel.cifs/9419>

The 32-bit rfc1002 header field consists of a type byte and then a
24-bit length field, but get_rfc1002_length doesn't mask off the top
byte.

In most cases, it's not a problem since the RFC1002_SESSION_MESSAGE type
is '\0', but when doing a RFC1002 session establishment, the type is
non-zero and that throws off the returned length in smb_send_rqst.

Reported-by: klaus-jjkdzbv0JQgAvxtiuMwx3w@public.gmane.org
Tested-by: Sachin Prabhu <sprabhu-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Signed-off-by: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---
 fs/cifs/cifsglob.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index e7fe49e..45376a4 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -506,7 +506,7 @@ struct cifs_mnt_data {
 static inline unsigned int
 get_rfc1002_length(void *buf)
 {
-	return be32_to_cpu(*((__be32 *)buf));
+	return be32_to_cpu(*((__be32 *)buf)) & 0xffffff;
 }
 
 static inline void
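Review bot: the 0xffffff mask on the new return line of get_rfc1002_length() is a bare literal, and nothing in cifsglob.h at this point says why the top byte is dropped. A one-line comment above the function (top byte of the 32-bit field is the type, low 24 bits are the length), or a named constant for the mask, would keep a later cleanup from removing it as redundant. Since the helper now silently discards the type byte, it would also help to state in the commit message whether any caller relied on the unmasked value.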
-- 
1.8.5.3