Your patch looks correct - added cc:stable and merged to cifs-2.6.git for-next

On Sun, Sep 22, 2019 at 2:23 PM Murphy Zhou <jencce.kernel@xxxxxxxxx> wrote:
>
> On Sat, Sep 21, 2019 at 08:23:32PM +0200, Aurélien Aptel wrote:
> > "Murphy Zhou" <jencce.kernel@xxxxxxxxx> writes:
> > > It should not be larger than the slab max buf size. If user
> > > specifies a larger size, it passes this check and goes
> > > straight to SMB2_set_info_init performing an insecure memcpy.
> >
> > It's even smaller than that as CIFSMaxBufSize is the max size for the
> > whole packet IIRC. The EA payload needs to fit into that. So it should
> > be CIFSMaxBufSize-(largest SMB2 header size + Set EA initial header).
>
> No need. Slab size includes the bufsize and the header size.
>
> > And if we set multiple EA at the same time it has to be divided
> > by the number of EAs etc...
>
> They will be handled separately and slab will work well.
>
> >
> > Cheers,
> > --
> > Aurélien Aptel / SUSE Labs Samba Team
> > GPG: 1839 CB5F 9F5B FB9B AA97 8C99 03C8 A49B 521B D5D3
> > SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, DE
> > GF: Felix Imendörffer, Mary Higgins, Sri Rasiah HRB 247165 (AG München)

--
Thanks,

Steve