2017-11-19 16:24 GMT-08:00 Ronnie Sahlberg <lsahlber@xxxxxxxxxx>: > Signed-off-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx> > --- > fs/cifs/smb2pdu.c | 13 ++++++------- > fs/cifs/smb2pdu.h | 2 +- > 2 files changed, 7 insertions(+), 8 deletions(-) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index c1dd5961cf3f..d1242b1c9c35 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -3521,34 +3521,33 @@ smb2_lockv(const unsigned int xid, struct cifs_tcon *tcon, > int resp_buf_type; > unsigned int count; > int flags = CIFS_NO_RESP; > + unsigned int total_len; > > cifs_dbg(FYI, "smb2_lockv num lock %d\n", num_lock); > > - rc = small_smb2_init(SMB2_LOCK, tcon, (void **) &req); > + rc = smb2_plain_req_init(SMB2_LOCK, tcon, (void **) &req, &total_len); > if (rc) > return rc; > > if (encryption_required(tcon)) > flags |= CIFS_TRANSFORM_REQ; > > - req->hdr.sync_hdr.ProcessId = cpu_to_le32(pid); > + req->sync_hdr.ProcessId = cpu_to_le32(pid); > req->LockCount = cpu_to_le16(num_lock); > > req->PersistentFileId = persist_fid; > req->VolatileFileId = volatile_fid; > > count = num_lock * sizeof(struct smb2_lock_element); > - inc_rfc1001_len(req, count - sizeof(struct smb2_lock_element)); StructureSize already has one lock element inside... > > iov[0].iov_base = (char *)req; > - /* 4 for rfc1002 length field and count for all locks */ > - iov[0].iov_len = get_rfc1002_length(req) + 4 - count; > + iov[0].iov_len = total_len; ... which should be accounted here by substracting sizeof(struct smb2_lock_element) from total_len. > iov[1].iov_base = (char *)buf; > iov[1].iov_len = count; This was caught by running cthon tests against the patchset. -- Best regards, Pavel Shilovsky -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
