Re: [patch] cifs: integer overflow in parse_dacl()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 11, 2012 at 12:31:34PM -0600, Steve French wrote:
> We could calculate max_aces based on a minimum sized ace and maximum
> smb frame size (which would be 64K presumably for Windows for
> non-Writes, but larger for Samba), but not sure if it is worth the
> trouble unless you find a path where we would parse beyond end of
> frame,

This was a static checker test and I haven't tried to exploit it.
You guys are more familiar with the code obviously and you've lost
me with the talk about max_aces.  I don't see that anywhere in the
code...

$ grep max_aces fs/cifs/ -iR | wc -l
0

regards,
dan carpenter


Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux