aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Shilovsky <piastry@etersoft.ru>2012-09-25 03:00:08 -0400
committerSteve French <smfrench@gmail.com>2012-09-26 23:15:24 -0400
commitf065fd099fc475333fc7a55677a7f64764445d55 (patch)
treea1f5b22510ffe01efd3fbf273beedc00d4f86348
parent4ca3a99ca4bf8f5dcfc4fef4f2b1d8322bb60ad9 (diff)
CIFS: Fix possible freed pointer dereference in CIFS_SessSetup
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru> Signed-off-by: Steve French <smfrench@gmail.com>
-rw-r--r--fs/cifs/sess.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 382c06d01b38..76809f4d3428 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -876,7 +876,8 @@ ssetup_ntlmssp_authenticate:
876 pSMB = (SESSION_SETUP_ANDX *)iov[0].iov_base; 876 pSMB = (SESSION_SETUP_ANDX *)iov[0].iov_base;
877 smb_buf = (struct smb_hdr *)iov[0].iov_base; 877 smb_buf = (struct smb_hdr *)iov[0].iov_base;
878 878
879 if ((type == RawNTLMSSP) && (smb_buf->Status.CifsError == 879 if ((type == RawNTLMSSP) && (resp_buf_type != CIFS_NO_BUFFER) &&
880 (smb_buf->Status.CifsError ==
880 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))) { 881 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))) {
881 if (phase != NtLmNegotiate) { 882 if (phase != NtLmNegotiate) {
882 cERROR(1, "Unexpected more processing error"); 883 cERROR(1, "Unexpected more processing error");