[PATCH] setcifsacl: fix offset calculation in "set" code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Previously the code assumed that the ACE that was copied was of a
fixed size. Save off the return value from copy_ace and ensure that
we apply it correctly to the size and offset.

Reported-by: Jian Li <jiali@xxxxxxxxxx>
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxx>
---
 setcifsacl.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/setcifsacl.c b/setcifsacl.c
index 7f92b91..67dd29c 100644
--- a/setcifsacl.c
+++ b/setcifsacl.c
@@ -183,7 +183,7 @@ static int
 ace_set(struct cifs_ntsd *pntsd, struct cifs_ntsd **npntsd, ssize_t *bufsize,
 			struct cifs_ace **cacesptr, int numcaces)
 {
-	int i, rc, acessize = 0;
+	int i, rc, size = 0, acessize = 0;
 	size_t acesoffset;
 	char *acesptr;
 
@@ -193,8 +193,9 @@ ace_set(struct cifs_ntsd *pntsd, struct cifs_ntsd **npntsd, ssize_t *bufsize,
 
 	acesptr = (char *)*npntsd + acesoffset;
 	for (i = 0; i < numcaces; ++i) {
-		acessize += copy_ace((struct cifs_ace *)acesptr, cacesptr[i]);
-		acesptr += sizeof(struct cifs_ace);
+		size = copy_ace((struct cifs_ace *)acesptr, cacesptr[i]);
+		acessize += size;
+		acesptr += size;
 	}
 	copy_sec_desc(pntsd, *npntsd, numcaces, acessize);
 	acesptr = (char *)*npntsd + acesoffset;
-- 
1.7.11.7

--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux