linux/fs
Jeff Layton 497728e11a cifs: fix bad buffer length check in coalesce_t2
The current check looks to see if the RFC1002 length is larger than
CIFSMaxBufSize, and fails if it is. The buffer is actually larger than
that by MAX_CIFS_HDR_SIZE.

This bug has been around for a long time, but the fact that we used to
cap the clients MaxBufferSize at the same level as the server tended
to paper over it. Commit c974befa changed that however and caused this
bug to bite in more cases.

Reported-and-Tested-by: Konstantinos Skarlatos <k.skarlatos@gmail.com>
Tested-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2012-01-03 20:34:17 -06:00
..
9p filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
adfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
affs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
afs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
autofs4 filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
befs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
bfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
btrfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs 2011-12-23 14:58:39 -08:00
cachefiles
ceph ceph: disable use of dcache for readdir etc. 2011-12-29 08:05:14 -08:00
cifs cifs: fix bad buffer length check in coalesce_t2 2012-01-03 20:34:17 -06:00
coda filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
configfs configfs: register_filesystem() called too early 2011-12-13 12:35:15 -05:00
cramfs
debugfs debugfs: Fix a comment mistake 2011-08-22 17:41:48 -07:00
devpts filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
dlm
ecryptfs eCryptfs: Extend array bounds for all filename chars 2011-11-23 15:43:53 -06:00
efs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
exofs Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
exportfs
ext2 Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/hch/vfs-queue 2011-11-02 11:41:01 -07:00
ext3 Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/hch/vfs-queue 2011-11-02 11:41:01 -07:00
ext4 ext4: handle EOF correctly in ext4_bio_write_page() 2011-12-13 22:29:12 -05:00
fat filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
freevxfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
fscache
fuse Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse 2011-12-14 18:23:35 -08:00
gfs2 Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
hfs hfs: add sanity check for file name length 2011-11-15 14:29:42 -02:00
hfsplus filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
hostfs Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/hch/vfs-queue 2011-11-02 11:41:01 -07:00
hpfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
hppfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
hugetlbfs filesystems: add missing nlink wrappers 2011-11-02 12:53:43 +01:00
isofs Merge branch 'akpm' (Andrew's incoming - part two) 2011-11-02 16:07:27 -07:00
jbd jbd/jbd2: validate sb->s_first in journal_get_superblock() 2011-11-01 19:04:59 -04:00
jbd2 jbd2: Unify log messages in jbd2 code 2011-11-01 19:09:18 -04:00
jffs2 Merge git://git.infradead.org/mtd-2.6 2011-11-07 09:11:16 -08:00
jfs Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
lockd SUNRPC: Replace svc_addr_u by sockaddr_storage 2011-09-14 08:21:48 -04:00
logfs Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
minix minixfs: kill manual hweight(), simplify 2011-11-19 11:13:28 -05:00
ncpfs fs/ncpfs: fix error paths and goto statements in ncp_fill_super() 2011-12-14 00:45:33 -05:00
nfs NFS: Fix a regression in nfs_file_llseek() 2011-12-15 18:44:36 -05:00
nfs_common
nfsd Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
nilfs2 nilfs2: potential integer overflow in nilfs_ioctl_clean_segments() 2011-12-20 10:25:04 -08:00
nls
notify atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ntfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
ocfs2 Merge branch 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jlbec/ocfs2 2011-12-01 14:55:34 -08:00
omfs
openpromfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
partitions treewide: use __printf not __attribute__((format(printf,...))) 2011-10-31 17:30:54 -07:00
proc procfs: do not confuse jiffies with cputime64_t 2011-12-29 16:31:57 -08:00
pstore pstore: pass allocated memory region back to caller 2011-11-17 12:58:07 -08:00
qnx4 filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
quota Merge branch 'writeback-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux 2011-11-06 19:02:23 -08:00
ramfs ramfs: remove module leftovers 2011-11-02 16:06:58 -07:00
reiserfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
romfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
squashfs Merge git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-next 2011-11-04 16:48:37 -07:00
sysfs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
sysv filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
ubifs ubifs: too early register_filesystem() 2011-12-13 12:35:13 -05:00
udf Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/hch/vfs-queue 2011-11-02 11:41:01 -07:00
ufs filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
xfs xfs: log all dirty inodes in xfs_fs_sync_fs 2011-12-23 16:41:47 -06:00
aio.c aio: allocate kiocbs in batches 2011-11-02 16:07:03 -07:00
anon_inodes.c
attr.c Merge branch 'next-evm' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/ima-2.6 into next 2011-08-09 10:31:03 +10:00
bad_inode.c
binfmt_aout.c
binfmt_elf_fdpic.c
binfmt_elf.c binfmt_elf: fix PIE execution with randomization disabled 2011-11-02 16:06:58 -07:00
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c filesystems: add missing nlink wrappers 2011-11-02 12:53:43 +01:00
binfmt_script.c
binfmt_som.c
bio-integrity.c fs: add export.h to files using EXPORT_SYMBOL/THIS_MODULE macros 2011-10-31 19:30:31 -04:00
bio.c bio: change some signed vars to unsigned 2011-11-16 09:21:50 +01:00
block_dev.c Merge branch 'for-3.2/drivers' of git://git.kernel.dk/linux-block 2011-11-04 17:22:14 -07:00
buffer.c Merge branch 'writeback-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux 2011-11-06 19:02:23 -08:00
char_dev.c
compat_binfmt_elf.c
compat_ioctl.c compat_ioctl: add compat handler for PPPIOCGL2TPSTATS 2011-08-07 22:24:41 -07:00
compat.c Cross Memory Attach 2011-10-31 17:30:44 -07:00
dcache.c fix apparmor dereferencing potentially freed dentry, sanitize __d_path() API 2011-12-06 23:57:18 -05:00
dcookies.c
direct-io.c direct-io: merge direct_io_walker into __blockdev_direct_IO 2011-10-28 14:58:58 +02:00
drop_caches.c
eventfd.c
eventpoll.c epoll: fix spurious lockdep warnings 2011-10-31 17:30:57 -07:00
exec.c oom: remove oom_disable_count 2011-10-31 17:30:45 -07:00
fcntl.c
fhandle.c
fifo.c
file_table.c atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
file.c
filesystems.c
fs_struct.c
fs-writeback.c writeback: show writeback reason with __print_symbolic 2011-12-18 14:20:17 +08:00
generic_acl.c switch posix_acl_equiv_mode() to umode_t * 2011-08-01 02:10:06 -04:00
inode.c vfs: protect i_nlink 2011-11-02 12:53:43 +01:00
internal.h
ioctl.c
ioprio.c fs: add export.h to files using EXPORT_SYMBOL/THIS_MODULE macros 2011-10-31 19:30:31 -04:00
Kconfig tmpfs: add "tmpfs" to the Kconfig prompt to make it obvious. 2011-10-31 17:30:45 -07:00
Kconfig.binfmt
libfs.c filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
locks.c vfs: fix handling of lock allocation failure in lease-break case 2011-12-26 10:25:26 -08:00
Makefile fs/Makefile: Stupid typo breakage of exofs inclusion 2011-10-27 08:36:51 +02:00
mbcache.c
mpage.c
namei.c VFS: we need to set LOOKUP_JUMPED on mountpoint crossing 2011-11-07 14:58:06 -08:00
namespace.c fix apparmor dereferencing potentially freed dentry, sanitize __d_path() API 2011-12-06 23:57:18 -05:00
no-block.c
open.c leases: fix write-open/read-lease race 2011-10-28 14:59:00 +02:00
pipe.c fs/pipe.c: add ->statfs callback for pipefs 2011-10-31 17:30:51 -07:00
pnode.c
pnode.h
posix_acl.c vfs: pass all mask flags check_acl and posix_acl_permission 2011-10-28 14:58:54 +02:00
read_write.c Cross Memory Attach 2011-10-31 17:30:44 -07:00
read_write.h
readdir.c
select.c
seq_file.c fix apparmor dereferencing potentially freed dentry, sanitize __d_path() API 2011-12-06 23:57:18 -05:00
signalfd.c
splice.c
stack.c filesystems: add set_nlink() 2011-11-02 12:53:43 +01:00
stat.c readlinkat: ensure we return ENOENT for the empty pathname for normal lookups 2011-11-02 12:53:42 +01:00
statfs.c VFS: fix statfs() automounter semantics regression 2011-11-04 18:15:59 -07:00
super.c vfs: ignore error on forced remount 2011-11-02 12:53:42 +01:00
sync.c writeback: Add a 'reason' to wb_writeback_work 2011-10-31 00:33:36 +08:00
timerfd.c
utimes.c
xattr_acl.c
xattr.c