summaryrefslogtreecommitdiffstats
path: root/fs/cifs/readdir.c
diff options
context:
space:
mode:
authorSteve French <smfrench@austin.rr.com>2005-04-28 22:41:08 -0700
committerLinus Torvalds <torvalds@ppc970.osdl.org>2005-04-28 22:41:08 -0700
commit09d1db5c6131232f764046160c29118cd4e5e646 (patch)
tree198d0b03c0afa7974cd6dcea4e711351f4e056eb /fs/cifs/readdir.c
parent966ca9234754ece58870075972ef103e354de075 (diff)
downloadop-kernel-dev-09d1db5c6131232f764046160c29118cd4e5e646.zip
op-kernel-dev-09d1db5c6131232f764046160c29118cd4e5e646.tar.gz
[PATCH] cifs: improve check for search entry going beyond end of SMB transact
Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/cifs/readdir.c')
-rw-r--r--fs/cifs/readdir.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
index 39170cf..2255771 100644
--- a/fs/cifs/readdir.c
+++ b/fs/cifs/readdir.c
@@ -409,10 +409,15 @@ static char *nxt_dir_entry(char *old_entry, char *end_of_smb)
cFYI(1,("new entry %p old entry %p",new_entry,old_entry));
/* validate that new_entry is not past end of SMB */
if(new_entry >= end_of_smb) {
- cFYI(1,("search entry %p began after end of SMB %p old entry %p",
- new_entry,end_of_smb,old_entry));
+ cERROR(1,
+ ("search entry %p began after end of SMB %p old entry %p",
+ new_entry, end_of_smb, old_entry));
return NULL;
- } else
+ } else if (new_entry + sizeof(FILE_DIRECTORY_INFO) > end_of_smb) {
+ cERROR(1,("search entry %p extends after end of SMB %p",
+ new_entry, end_of_smb));
+ return NULL;
+ } else
return new_entry;
}
OpenPOWER on IntegriCloud