cifs: sanitize username handling

Currently, it's not very clear whether you're allowed to have a NULL
vol->username or ses->user_name. Some places check for it and some don't.

Make it clear that a NULL pointer is OK in these fields, and ensure that
all the callers check for that.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>

1 files changed, 7 insertions, 3 deletions

diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c
index 2272fd5fe5b7..e622863b292f 100644
--- a/fs/cifs/cifs_spnego.c
+++ b/fs/cifs/cifs_spnego.c
@@ -113,9 +113,11 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo)
                    MAX_MECH_STR_LEN +
                    UID_KEY_LEN + (sizeof(uid_t) * 2) +
                    CREDUID_KEY_LEN + (sizeof(uid_t) * 2) +
-                   USER_KEY_LEN + strlen(sesInfo->user_name) +
                    PID_KEY_LEN + (sizeof(pid_t) * 2) + 1;
 
+        if (sesInfo->user_name)
+                desc_len += USER_KEY_LEN + strlen(sesInfo->user_name);
+
         spnego_key = ERR_PTR(-ENOMEM);
         description = kzalloc(desc_len, GFP_KERNEL);
         if (description == NULL)
@@ -152,8 +154,10 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo)
         dp = description + strlen(description);
         sprintf(dp, ";creduid=0x%x", sesInfo->cred_uid);
 
-        dp = description + strlen(description);
-        sprintf(dp, ";user=%s", sesInfo->user_name);
+        if (sesInfo->user_name) {
+                dp = description + strlen(description);
+                sprintf(dp, ";user=%s", sesInfo->user_name);
+        }
 
         dp = description + strlen(description);
         sprintf(dp, ";pid=0x%x", current->pid);