updated in cifs-2.6.git for-next with this later version of the patch
On Tue, Jan 8, 2019 at 6:45 AM Aurelien Aptel <aaptel@xxxxxxxx> wrote:
>
> Signed-off-by: Aurelien Aptel <aaptel@xxxxxxxx>
> ---
>
> Changes since v1:
> * alloc MAX_TREE_SIZE instead of MAX_TREE_SIZE+1 as null is already
> taken into account in the definition of it and snprintf always
> NULL-terminates within the size param.
>
> fs/cifs/cifssmb.c | 23 ++++++++++++++++-------
> fs/cifs/smb2pdu.c | 23 ++++++++++++++++-------
> 2 files changed, 32 insertions(+), 14 deletions(-)
>
> diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
> index b1f49c1c543a..332f88d753d1 100644
> --- a/fs/cifs/cifssmb.c
> +++ b/fs/cifs/cifssmb.c
> @@ -128,24 +128,31 @@ static int __cifs_reconnect_tcon(const struct nls_table *nlsc,
> int rc;
> struct dfs_cache_tgt_list tl;
> struct dfs_cache_tgt_iterator *it = NULL;
> - char tree[MAX_TREE_SIZE + 1];
> + char *tree;
> const char *tcp_host;
> size_t tcp_host_len;
> const char *dfs_host;
> size_t dfs_host_len;
>
> + tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL);
> + if (!tree)
> + return -ENOMEM;
> +
> if (tcon->ipc) {
> - snprintf(tree, sizeof(tree), "\\\\%s\\IPC$",
> + snprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$",
> tcon->ses->server->hostname);
> - return CIFSTCon(0, tcon->ses, tree, tcon, nlsc);
> + rc = CIFSTCon(0, tcon->ses, tree, tcon, nlsc);
> + goto out;
> }
>
> - if (!tcon->dfs_path)
> - return CIFSTCon(0, tcon->ses, tcon->treeName, tcon, nlsc);
> + if (!tcon->dfs_path) {
> + rc = CIFSTCon(0, tcon->ses, tcon->treeName, tcon, nlsc);
> + goto out;
> + }
>
> rc = dfs_cache_noreq_find(tcon->dfs_path + 1, NULL, &tl);
> if (rc)
> - return rc;
> + goto out;
>
> extract_unc_hostname(tcon->ses->server->hostname, &tcp_host,
> &tcp_host_len);
> @@ -165,7 +172,7 @@ static int __cifs_reconnect_tcon(const struct nls_table *nlsc,
> continue;
> }
>
> - snprintf(tree, sizeof(tree), "\\%s", tgt);
> + snprintf(tree, MAX_TREE_SIZE, "\\%s", tgt);
>
> rc = CIFSTCon(0, tcon->ses, tree, tcon, nlsc);
> if (!rc)
> @@ -182,6 +189,8 @@ static int __cifs_reconnect_tcon(const struct nls_table *nlsc,
> rc = -ENOENT;
> }
> dfs_cache_free_tgts(&tl);
> +out:
> + kfree(tree);
> return rc;
> }
> #else
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index e283590955cd..9a7a51cd07ac 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -162,24 +162,31 @@ static int __smb2_reconnect(const struct nls_table *nlsc,
> int rc;
> struct dfs_cache_tgt_list tl;
> struct dfs_cache_tgt_iterator *it = NULL;
> - char tree[MAX_TREE_SIZE + 1];
> + char *tree;
> const char *tcp_host;
> size_t tcp_host_len;
> const char *dfs_host;
> size_t dfs_host_len;
>
> + tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL);
> + if (!tree)
> + return -ENOMEM;
> +
> if (tcon->ipc) {
> - snprintf(tree, sizeof(tree), "\\\\%s\\IPC$",
> + snprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$",
> tcon->ses->server->hostname);
> - return SMB2_tcon(0, tcon->ses, tree, tcon, nlsc);
> + rc = SMB2_tcon(0, tcon->ses, tree, tcon, nlsc);
> + goto out;
> }
>
> - if (!tcon->dfs_path)
> - return SMB2_tcon(0, tcon->ses, tcon->treeName, tcon, nlsc);
> + if (!tcon->dfs_path) {
> + rc = SMB2_tcon(0, tcon->ses, tcon->treeName, tcon, nlsc);
> + goto out;
> + }
>
> rc = dfs_cache_noreq_find(tcon->dfs_path + 1, NULL, &tl);
> if (rc)
> - return rc;
> + goto out;
>
> extract_unc_hostname(tcon->ses->server->hostname, &tcp_host,
> &tcp_host_len);
> @@ -199,7 +206,7 @@ static int __smb2_reconnect(const struct nls_table *nlsc,
> continue;
> }
>
> - snprintf(tree, sizeof(tree), "\\%s", tgt);
> + snprintf(tree, MAX_TREE_SIZE, "\\%s", tgt);
>
> rc = SMB2_tcon(0, tcon->ses, tree, tcon, nlsc);
> if (!rc)
> @@ -216,6 +223,8 @@ static int __smb2_reconnect(const struct nls_table *nlsc,
> rc = -ENOENT;
> }
> dfs_cache_free_tgts(&tl);
> +out:
> + kfree(tree);
> return rc;
> }
> #else
> --
> 2.16.4
--
Thanks,
Steve
