tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

smb3.11: replace a 4 with server->vals->header_preamble_size

More cleanup of use of hardcoded 4 byte RFC1001 field size

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>

Steve French 0d4b46ba 9fdd2e00

+9 -5
unified split
+7 -4
fs/cifs/smb2misc.c
··· 94 }; 95 96 #ifdef CONFIG_CIFS_SMB311 97 - static __u32 get_neg_ctxt_len(struct smb2_hdr *hdr, __u32 len, __u32 non_ctxlen) 98 { 99 __u16 neg_count; 100 __u32 nc_offset, size_of_pad_before_neg_ctxts; ··· 109 110 /* Make sure that negotiate contexts start after gss security blob */ 111 nc_offset = le32_to_cpu(pneg_rsp->NegotiateContextOffset); 112 - if (nc_offset < non_ctxlen - 4 /* RFC1001 len field */) { 113 printk_once(KERN_WARNING "invalid negotiate context offset\n"); 114 return 0; 115 } 116 - size_of_pad_before_neg_ctxts = nc_offset - (non_ctxlen - 4); 117 118 /* Verify that at least minimal negotiate contexts fit within frame */ 119 if (len < nc_offset + (neg_count * sizeof(struct smb2_neg_context))) { ··· 237 238 #ifdef CONFIG_CIFS_SMB311 239 if (shdr->Command == SMB2_NEGOTIATE) 240 - clc_len += get_neg_ctxt_len(hdr, len, clc_len); 241 #endif /* SMB311 */ 242 if (srvr->vals->header_preamble_size + len != clc_len) { 243 cifs_dbg(FYI, "Calculated size %u length %zu mismatch mid %llu\n",
··· 94 }; 95 96 #ifdef CONFIG_CIFS_SMB311 97 + static __u32 get_neg_ctxt_len(struct smb2_hdr *hdr, __u32 len, __u32 non_ctxlen, 98 + size_t hdr_preamble_size) 99 { 100 __u16 neg_count; 101 __u32 nc_offset, size_of_pad_before_neg_ctxts; ··· 108 109 /* Make sure that negotiate contexts start after gss security blob */ 110 nc_offset = le32_to_cpu(pneg_rsp->NegotiateContextOffset); 111 + if (nc_offset < non_ctxlen - hdr_preamble_size /* RFC1001 len */) { 112 printk_once(KERN_WARNING "invalid negotiate context offset\n"); 113 return 0; 114 } 115 + size_of_pad_before_neg_ctxts = nc_offset - 116 + (non_ctxlen - hdr_preamble_size); 117 118 /* Verify that at least minimal negotiate contexts fit within frame */ 119 if (len < nc_offset + (neg_count * sizeof(struct smb2_neg_context))) { ··· 235 236 #ifdef CONFIG_CIFS_SMB311 237 if (shdr->Command == SMB2_NEGOTIATE) 238 + clc_len += get_neg_ctxt_len(hdr, len, clc_len, 239 + srvr->vals->header_preamble_size); 240 #endif /* SMB311 */ 241 if (srvr->vals->header_preamble_size + len != clc_len) { 242 cifs_dbg(FYI, "Calculated size %u length %zu mismatch mid %llu\n",
+2 -1
fs/cifs/smb2pdu.c
··· 474 if (len_of_ctxts < sizeof(struct smb2_neg_context)) 475 break; 476 477 - pctx = (struct smb2_neg_context *)(offset + 4 + (char *)rsp); 478 clen = le16_to_cpu(pctx->DataLength); 479 if (clen > len_of_ctxts) 480 break;
··· 474 if (len_of_ctxts < sizeof(struct smb2_neg_context)) 475 break; 476 477 + pctx = (struct smb2_neg_context *)(offset + 478 + server->vals->header_preamble_size + (char *)rsp); 479 clen = le16_to_cpu(pctx->DataLength); 480 if (clen > len_of_ctxts) 481 break;