[CIFS] Fix walking out end of cifs dacl

Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
Steve French 2007-11-05 21:46:10 +00:00
parent f1d662a7d5
commit 63d2583f5a
7 changed files with 19 additions and 14 deletions

View File

@ -327,7 +327,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len,
group_sid_ptr = (struct cifs_sid *)((char *)pntsd +
le32_to_cpu(pntsd->gsidoffset));
dacloffset = le32_to_cpu(pntsd->dacloffset);
dacl_ptr = (struct cifs_acl *)(char *)pntsd + dacloffset;
dacl_ptr = (struct cifs_acl *)((char *)pntsd + dacloffset);
#ifdef CONFIG_CIFS_DEBUG2
cFYI(1, ("revision %d type 0x%x ooffset 0x%x goffset 0x%x "
"sacloffset 0x%x dacloffset 0x%x",
@ -346,7 +346,7 @@ static int parse_sec_desc(struct cifs_ntsd *pntsd, int acl_len,
if (dacloffset)
parse_dacl(dacl_ptr, end_of_acl, owner_sid_ptr,
group_sid_ptr, inode);
group_sid_ptr, inode);
else
cFYI(1, ("no ACL")); /* BB grant all or default perms? */

View File

@ -35,6 +35,9 @@
#define UBITSHIFT 6
#define GBITSHIFT 3
#define ACCESS_ALLOWED 0
#define ACCESS_DENIED 1
struct cifs_ntsd {
__le16 revision; /* revision level */
__le16 type;

View File

@ -108,7 +108,7 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
/* The first entry includes a length field (which does not get
signed that occupies the first 4 bytes before the header */
if (i == 0) {
if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */
if (iov[0].iov_len <= 8) /* cmd field at offset 9 */
break; /* nothing to sign or corrupt header */
MD5Update(&context, iov[0].iov_base+4,
iov[0].iov_len-4);
@ -123,7 +123,7 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,
__u32 * pexpected_response_sequence_number)
__u32 *pexpected_response_sequence_number)
{
int rc = 0;
char smb_signature[20];

View File

@ -770,7 +770,7 @@ cifs_print_status(__u32 status_code)
static void
ntstatus_to_dos(__u32 ntstatus, __u8 * eclass, __u16 * ecode)
ntstatus_to_dos(__u32 ntstatus, __u8 *eclass, __u16 *ecode)
{
int i;
if (ntstatus == 0) {

View File

@ -495,7 +495,7 @@ ffirst_retry:
static int cifs_unicode_bytelen(char *str)
{
int len;
__le16 * ustr = (__le16 *)str;
__le16 *ustr = (__le16 *)str;
for (len = 0; len <= PATH_MAX; len++) {
if (ustr[len] == 0)

View File

@ -80,7 +80,7 @@ SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
/* Routines for Windows NT MD4 Hash functions. */
static int
_my_wcslen(__u16 * str)
_my_wcslen(__u16 *str)
{
int len = 0;
while (*str++ != 0)
@ -96,7 +96,7 @@ _my_wcslen(__u16 * str)
*/
static int
_my_mbstowcs(__u16 * dst, const unsigned char *src, int len)
_my_mbstowcs(__u16 *dst, const unsigned char *src, int len)
{ /* BB not a very good conversion routine - change/fix */
int i;
__u16 val;
@ -125,9 +125,9 @@ E_md4hash(const unsigned char *passwd, unsigned char *p16)
/* Password cannot be longer than 128 characters */
if (passwd) {
len = strlen((char *) passwd);
if (len > 128) {
if (len > 128)
len = 128;
}
/* Password must be converted to NT unicode */
_my_mbstowcs(wpwd, passwd, len);
} else
@ -189,8 +189,10 @@ ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
return;
dom_u = user_u + 1024;
/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2, STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER);
push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2, STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER); */
/* push_ucs2(NULL, user_u, user_n, (user_l+1)*2,
STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER);
push_ucs2(NULL, dom_u, domain_n, (domain_l+1)*2,
STR_UNICODE|STR_NOALIGN|STR_TERMINATE|STR_UPPER); */
/* BB user and domain may need to be uppercased */
user_l = cifs_strtoUCS(user_u, user_n, 511, nls_codepage);

View File

@ -267,7 +267,7 @@ ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name,
int oplock = FALSE;
struct cifs_ntsd *pacl = NULL;
__u32 buflen = 0;
if (experimEnabled)
if (experimEnabled)
rc = CIFSSMBOpen(xid, pTcon, full_path,
FILE_OPEN, GENERIC_READ, 0, &fid,
&oplock, NULL, cifs_sb->local_nls,
@ -275,7 +275,7 @@ ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name,
CIFS_MOUNT_MAP_SPECIAL_CHR);
/* else rc is EOPNOTSUPP from above */
if(rc == 0) {
if (rc == 0) {
rc = CIFSSMBGetCIFSACL(xid, pTcon, fid, &pacl,
&buflen);
CIFSSMBClose(xid, pTcon, fid);