Patch "SUNRPC: return proper error from gss_wrap_req_priv" has been added to the 6.1-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    SUNRPC: return proper error from gss_wrap_req_priv

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     sunrpc-return-proper-error-from-gss_wrap_req_priv.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 30238f3eaf011530329a66e7ff0a2e941d8092ac
Author: Chen Hanxiao <chenhx.fnst@xxxxxxxxxxx>
Date:   Thu May 23 16:47:16 2024 +0800

    SUNRPC: return proper error from gss_wrap_req_priv
    
    [ Upstream commit 33c94d7e3cb84f6d130678d6d59ba475a6c489cf ]
    
    don't return 0 if snd_buf->len really greater than snd_buf->buflen
    
    Signed-off-by: Chen Hanxiao <chenhx.fnst@xxxxxxxxxxx>
    Fixes: 0c77668ddb4e ("SUNRPC: Introduce trace points in rpc_auth_gss.ko")
    Reviewed-by: Benjamin Coddington <bcodding@xxxxxxxxxx>
    Reviewed-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
    Signed-off-by: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 2d7b1e03110ae..3ef511d7af190 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -1858,8 +1858,10 @@ gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
 	offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
 	maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages);
 	/* slack space should prevent this ever happening: */
-	if (unlikely(snd_buf->len > snd_buf->buflen))
+	if (unlikely(snd_buf->len > snd_buf->buflen)) {
+		status = -EIO;
 		goto wrap_failed;
+	}
 	/* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
 	 * done anyway, so it's safe to put the request on the wire: */
 	if (maj_stat == GSS_S_CONTEXT_EXPIRED)




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux