This is a note to let you know that I've just added the patch titled

    ksmbd: use ksmbd_req_buf_next() in ksmbd_smb2_check_message()

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    ksmbd-use-ksmbd_req_buf_next-in-ksmbd_smb2_check_message.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

>From stable-owner@xxxxxxxxxxxxxxx Thu Jul 20 15:25:31 2023
From: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Date: Thu, 20 Jul 2023 22:23:28 +0900
Subject: ksmbd: use ksmbd_req_buf_next() in ksmbd_smb2_check_message()
To: stable@xxxxxxxxxxxxxxx
Cc: gregkh@xxxxxxxxxxxxxxxxxxx, stfrench@xxxxxxxxxxxxx, smfrench@xxxxxxxxx, Namjae Jeon <linkinjeon@xxxxxxxxxx>, Ralph Boehme <slow@xxxxxxxxx>, Tom Talpey <tom@xxxxxxxxxx>, Ronnie Sahlberg <ronniesahlberg@xxxxxxxxx>, Hyunchul Lee <hyc.lee@xxxxxxxxx>
Message-ID: <20230720132336.7614-2-linkinjeon@xxxxxxxxxx>

From: Ralph Boehme <slow@xxxxxxxxx>

commit b83b27909e74d27796de19c802fbc3b65ab4ba9a upstream.

Use ksmbd_req_buf_next() in ksmbd_smb2_check_message().

Cc: Tom Talpey <tom@xxxxxxxxxx>
Cc: Ronnie Sahlberg <ronniesahlberg@xxxxxxxxx>
Cc: Steve French <smfrench@xxxxxxxxx>
Cc: Hyunchul Lee <hyc.lee@xxxxxxxxx>
Acked-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Signed-off-by: Ralph Boehme <slow@xxxxxxxxx>
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
--- fs/ksmbd/smb2misc.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) --- a/fs/ksmbd/smb2misc.c +++ b/fs/ksmbd/smb2misc.c 
@@ -347,16 +347,11 @@ static int smb2_validate_credit_charge(s int ksmbd_smb2_check_message(struct ksmbd_work *work) { - struct smb2_pdu *pdu = work->request_buf; + struct smb2_pdu *pdu = ksmbd_req_buf_next(work); struct smb2_hdr *hdr = &pdu->hdr; int command; __u32 clc_len; /* calculated length */ - __u32 len = get_rfc1002_len(pdu); - - if (work->next_smb2_rcv_hdr_off) { - pdu = ksmbd_req_buf_next(work); - hdr = &pdu->hdr; - } + __u32 len = get_rfc1002_len(work->request_buf); if (le32_to_cpu(hdr->NextCommand) > 0) len = le32_to_cpu(hdr->NextCommand); Patches currently in stable-queue which might be from stable-owner@xxxxxxxxxxxxxxx are queue-5.15/ksmbd-validate-session-id-and-tree-id-in-the-compound-request.patch queue-5.15/ksmbd-fix-out-of-bound-read-in-smb2_write.patch queue-5.15/ksmbd-use-ksmbd_req_buf_next-in-ksmbd_smb2_check_message.patch queue-5.15/ksmbd-validate-command-payload-size.patch
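
Review bot: In ksmbd_smb2_check_message(), `len` is still initialised from get_rfc1002_len(work->request_buf), which is the length of the whole request, while `pdu` and `hdr` can now point at a later command inside a compound request. For any command with a non-zero hdr->NextCommand, `len` is overwritten with that value, but for the last command of a compound (NextCommand == 0) it stays at the whole-buffer length rather than the bytes remaining after work->next_smb2_rcv_hdr_off. The removed code had the same behaviour, so this is not a regression, but since the function's purpose is to validate sizes it would be worth either reducing `len` by work->next_smb2_rcv_hdr_off in that case or adding a comment explaining why the full length is the right bound. Separately, the commit message only repeats the subject line: the unconditional call is equivalent to the removed `if (work->next_smb2_rcv_hdr_off)` branch only if ksmbd_req_buf_next() returns the start of request_buf when the offset is zero, and saying so in the message would make the cleanup easier to verify for a stable backport.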