summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaulo Alcantara <pc@manguebit.com>2023-12-16 07:10:04 +0300
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2024-01-01 15:42:43 +0300
commit6630441cc2e8f1f132636c992d65afbe269f3ad7 (patch)
tree10b833f041c1f6a6f6fc714150a4f62ed6b48eee
parentc0e98de95072f5462c475dcc1ae44ed9f500b2cb (diff)
downloadlinux-6630441cc2e8f1f132636c992d65afbe269f3ad7.tar.xz
smb: client: fix potential OOB in cifs_dump_detail()
commit b50492b05fd02887b46aef079592207fb5c97a4c upstream. Validate SMB message with ->check_message() before calling ->calc_smb_size(). Signed-off-by: Paulo Alcantara (SUSE) <pc@manguebit.com> Cc: stable@vger.kernel.org Signed-off-by: Steve French <stfrench@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat
-rw-r--r--fs/smb/client/cifs_debug.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/fs/smb/client/cifs_debug.c b/fs/smb/client/cifs_debug.c
index 16282ecfe17a..a2584ad8808a 100644
--- a/fs/smb/client/cifs_debug.c
+++ b/fs/smb/client/cifs_debug.c
@@ -40,11 +40,13 @@ void cifs_dump_detail(void *buf, struct TCP_Server_Info *server)
#ifdef CONFIG_CIFS_DEBUG2
struct smb_hdr *smb = buf;
- cifs_dbg(VFS, "Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d\n",
- smb->Command, smb->Status.CifsError,
- smb->Flags, smb->Flags2, smb->Mid, smb->Pid);
- cifs_dbg(VFS, "smb buf %p len %u\n", smb,
- server->ops->calc_smb_size(smb));
+ cifs_dbg(VFS, "Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d Wct: %d\n",
+ smb->Command, smb->Status.CifsError, smb->Flags,
+ smb->Flags2, smb->Mid, smb->Pid, smb->WordCount);
+ if (!server->ops->check_message(buf, server->total_read, server)) {
+ cifs_dbg(VFS, "smb buf %p len %u\n", smb,
+ server->ops->calc_smb_size(smb));
+ }
#endif /* CONFIG_CIFS_DEBUG2 */
}
generated by cgit v1.2.3 (git 2.39.0) at 2024-08-10 17:36:31 +0300