Patch "ksmbd: replace one-element arrays with flexible-array members" has been added to the 6.1-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Mon, 1 Jan 2024 13:13:15 -0500

This is a note to let you know that I've just added the patch titled

    ksmbd: replace one-element arrays with flexible-array members

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ksmbd-replace-one-element-arrays-with-flexible-array.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit e5d9c15451d11295687fcfa387bc90c3305f76af
Author: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
Date:   Sun Dec 31 16:12:20 2023 +0900

    ksmbd: replace one-element arrays with flexible-array members
    
    [ Upstream commit d272e01fa0a2f15c5c331a37cd99c6875c7b7186 ]
    
    One-element arrays are deprecated, and we are replacing them with flexible
    array members instead. So, replace one-element arrays with flexible-array
    members in multiple structs in fs/ksmbd/smb_common.h and one in
    fs/ksmbd/smb2pdu.h.
    
    Important to mention is that doing a build before/after this patch results
    in no binary output differences.
    
    This helps with the ongoing efforts to tighten the FORTIFY_SOURCE routines
    on memcpy() and help us make progress towards globally enabling
    -fstrict-flex-arrays=3 [1].
    
    Link: https://github.com/KSPP/linux/issues/242
    Link: https://github.com/KSPP/linux/issues/79
    Link: https://gcc.gnu.org/pipermail/gcc-patches/2022-October/602902.html [1]
    Signed-off-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
    Reviewed-by: Sergey Senozhatsky <senozhatsky@xxxxxxxxxxxx>
    Acked-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
    Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
    Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
    Link: https://lore.kernel.org/r/Y3OxronfaPYv9qGP@work
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c
index 1598ad6155fef..3f4f6b0385655 100644
--- a/fs/smb/server/smb2pdu.c
+++ b/fs/smb/server/smb2pdu.c
@@ -3525,7 +3525,7 @@ static int smb2_populate_readdir_entry(struct ksmbd_conn *conn, int info_level,
 		goto free_conv_name;
 	}
 
-	struct_sz = readdir_info_level_struct_sz(info_level) - 1 + conv_len;
+	struct_sz = readdir_info_level_struct_sz(info_level) + conv_len;
 	next_entry_offset = ALIGN(struct_sz, KSMBD_DIR_INFO_ALIGNMENT);
 	d_info->last_entry_off_align = next_entry_offset - struct_sz;
 
@@ -3777,7 +3777,7 @@ static int reserve_populate_dentry(struct ksmbd_dir_info *d_info,
 		return -EOPNOTSUPP;
 
 	conv_len = (d_info->name_len + 1) * 2;
-	next_entry_offset = ALIGN(struct_sz - 1 + conv_len,
+	next_entry_offset = ALIGN(struct_sz + conv_len,
 				  KSMBD_DIR_INFO_ALIGNMENT);
 
 	if (next_entry_offset > d_info->out_buf_len) {
diff --git a/fs/smb/server/smb2pdu.h b/fs/smb/server/smb2pdu.h
index 665a837378540..f13bd65993ccc 100644
--- a/fs/smb/server/smb2pdu.h
+++ b/fs/smb/server/smb2pdu.h
@@ -446,7 +446,7 @@ struct smb2_posix_info {
 	/* SidBuffer contain two sids (UNIX user sid(16), UNIX group sid(16)) */
 	u8 SidBuffer[32];
 	__le32 name_len;
-	u8 name[1];
+	u8 name[];
 	/*
 	 * var sized owner SID
 	 * var sized group SID
diff --git a/fs/smb/server/smb_common.h b/fs/smb/server/smb_common.h
index 1cbb492cdefec..f0134d16067fb 100644
--- a/fs/smb/server/smb_common.h
+++ b/fs/smb/server/smb_common.h
@@ -263,14 +263,14 @@ struct file_directory_info {
 	__le64 AllocationSize;
 	__le32 ExtFileAttributes;
 	__le32 FileNameLength;
-	char FileName[1];
+	char FileName[];
 } __packed;   /* level 0x101 FF resp data */
 
 struct file_names_info {
 	__le32 NextEntryOffset;
 	__u32 FileIndex;
 	__le32 FileNameLength;
-	char FileName[1];
+	char FileName[];
 } __packed;   /* level 0xc FF resp data */
 
 struct file_full_directory_info {
@@ -285,7 +285,7 @@ struct file_full_directory_info {
 	__le32 ExtFileAttributes;
 	__le32 FileNameLength;
 	__le32 EaSize;
-	char FileName[1];
+	char FileName[];
 } __packed; /* level 0x102 FF resp */
 
 struct file_both_directory_info {
@@ -303,7 +303,7 @@ struct file_both_directory_info {
 	__u8   ShortNameLength;
 	__u8   Reserved;
 	__u8   ShortName[24];
-	char FileName[1];
+	char FileName[];
 } __packed; /* level 0x104 FFrsp data */
 
 struct file_id_both_directory_info {
@@ -323,7 +323,7 @@ struct file_id_both_directory_info {
 	__u8   ShortName[24];
 	__le16 Reserved2;
 	__le64 UniqueId;
-	char FileName[1];
+	char FileName[];
 } __packed;
 
 struct file_id_full_dir_info {
@@ -340,7 +340,7 @@ struct file_id_full_dir_info {
 	__le32 EaSize; /* EA size */
 	__le32 Reserved;
 	__le64 UniqueId; /* inode num - le since Samba puts ino in low 32 bit*/
-	char FileName[1];
+	char FileName[];
 } __packed; /* level 0x105 FF rsp data */
 
 struct smb_version_values {







