-rw-r--r--fs/cifs/cifs_debug.c15
-rw-r--r--fs/cifs/connect.c124
2 files changed, 80 insertions, 59 deletions
diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c
index bff2ec6e054a..4061e43471c1 100644
--- a/fs/cifs/cifs_debug.c
+++ b/fs/cifs/cifs_debug.c
@@ -89,14 +89,21 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset,
89 list_for_each(tmp, &GlobalSMBSessionList) { 89 list_for_each(tmp, &GlobalSMBSessionList) {
90 i++; 90 i++;
91 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList); 91 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
92 length = 92 if((ses->serverDomain == NULL) || (ses->serverOS == NULL) ||
93 sprintf(buf, 93 (ses->serverNOS == NULL)) {
94 "\n%d) Name: %s Domain: %s Mounts: %d ServerOS: %s \n\tServerNOS: %s\tCapabilities: 0x%x\n\tSMB session status: %d\t", 94 buf += sprintf("\nentry for %s not fully displayed\n\t",
95 ses->serverName);
96
97 } else {
98 length =
99 sprintf(buf,
100 "\n%d) Name: %s Domain: %s Mounts: %d ServerOS: %s \n\tServerNOS: %s\tCapabilities: 0x%x\n\tSMB session status: %d\t",
95 i, ses->serverName, ses->serverDomain, 101 i, ses->serverName, ses->serverDomain,
96 atomic_read(&ses->inUse), 102 atomic_read(&ses->inUse),
97 ses->serverOS, ses->serverNOS, 103 ses->serverOS, ses->serverNOS,
98 ses->capabilities,ses->status); 104 ses->capabilities,ses->status);
99 buf += length; 105 buf += length;
106 }
100 if(ses->server) { 107 if(ses->server) {
101 buf += sprintf(buf, "TCP status: %d\n\tLocal Users To Server: %d SecMode: 0x%x Req Active: %d", 108 buf += sprintf(buf, "TCP status: %d\n\tLocal Users To Server: %d SecMode: 0x%x Req Active: %d",
102 ses->server->tcpStatus, 109 ses->server->tcpStatus,
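Review bot: The new `sprintf` call in the "not fully displayed" branch is missing its destination argument, so the string literal is passed as the output buffer and `ses->serverName` as the format string. The server name is then interpreted as a format, and nothing is written to `buf`. The line should read `buf += sprintf(buf, "\nentry for %s not fully displayed\n\t", ses->serverName);`. The branch also leaves `length` unassigned, which matters if code after this hunk still uses it; cifs_debug_data_read continues outside the hunk, so that needs checking there.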
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index c999583d11b0..8a8aa785e7b7 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -505,16 +505,6 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
505 return 0; 505 return 0;
506} 506}
507 507
508static void *
509cifs_kcalloc(size_t size, unsigned int __nocast type)
510{
511 void *addr;
512 addr = kmalloc(size, type);
513 if (addr)
514 memset(addr, 0, size);
515 return addr;
516}
517
518static int 508static int
519cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol) 509cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
520{ 510{
@@ -632,7 +622,11 @@ cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
632 /* go from value to value + temp_len condensing 622 /* go from value to value + temp_len condensing
633 double commas to singles. Note that this ends up 623 double commas to singles. Note that this ends up
634 allocating a few bytes too many, which is ok */ 624 allocating a few bytes too many, which is ok */
635 vol->password = cifs_kcalloc(temp_len, GFP_KERNEL); 625 vol->password = kcalloc(1, temp_len, GFP_KERNEL);
626 if(vol->password == NULL) {
627 printk("CIFS: no memory for pass\n");
628 return 1;
629 }
636 for(i=0,j=0;i<temp_len;i++,j++) { 630 for(i=0,j=0;i<temp_len;i++,j++) {
637 vol->password[j] = value[i]; 631 vol->password[j] = value[i];
638 if(value[i] == separator[0] && value[i+1] == separator[0]) { 632 if(value[i] == separator[0] && value[i+1] == separator[0]) {
@@ -642,7 +636,11 @@ cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
642 } 636 }
643 vol->password[j] = 0; 637 vol->password[j] = 0;
644 } else { 638 } else {
645 vol->password = cifs_kcalloc(temp_len + 1, GFP_KERNEL); 639 vol->password = kcalloc(1, temp_len + 1, GFP_KERNEL);
640 if(vol->password == NULL) {
641 printk("CIFS: no memory for pass\n");
642 return 1;
643 }
646 strcpy(vol->password, value); 644 strcpy(vol->password, value);
647 } 645 }
648 } else if (strnicmp(data, "ip", 2) == 0) { 646 } else if (strnicmp(data, "ip", 2) == 0) {
@@ -1104,7 +1102,7 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
1104 sessinit is sent but no second negprot */ 1102 sessinit is sent but no second negprot */
1105 struct rfc1002_session_packet * ses_init_buf; 1103 struct rfc1002_session_packet * ses_init_buf;
1106 struct smb_hdr * smb_buf; 1104 struct smb_hdr * smb_buf;
1107 ses_init_buf = cifs_kcalloc(sizeof(struct rfc1002_session_packet), GFP_KERNEL); 1105 ses_init_buf = kcalloc(1, sizeof(struct rfc1002_session_packet), GFP_KERNEL);
1108 if(ses_init_buf) { 1106 if(ses_init_buf) {
1109 ses_init_buf->trailer.session_req.called_len = 32; 1107 ses_init_buf->trailer.session_req.called_len = 32;
1110 rfc1002mangle(ses_init_buf->trailer.session_req.called_name, 1108 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
@@ -1751,7 +1749,9 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1751/* We look for obvious messed up bcc or strings in response so we do not go off 1749/* We look for obvious messed up bcc or strings in response so we do not go off
1752 the end since (at least) WIN2K and Windows XP have a major bug in not null 1750 the end since (at least) WIN2K and Windows XP have a major bug in not null
1753 terminating last Unicode string in response */ 1751 terminating last Unicode string in response */
1754 ses->serverOS = cifs_kcalloc(2 * (len + 1), GFP_KERNEL); 1752 ses->serverOS = kcalloc(1, 2 * (len + 1), GFP_KERNEL);
1753 if(ses->serverOS == NULL)
1754 goto sesssetup_nomem;
1755 cifs_strfromUCS_le(ses->serverOS, 1755 cifs_strfromUCS_le(ses->serverOS,
1756 (wchar_t *)bcc_ptr, len,nls_codepage); 1756 (wchar_t *)bcc_ptr, len,nls_codepage);
1757 bcc_ptr += 2 * (len + 1); 1757 bcc_ptr += 2 * (len + 1);
@@ -1761,7 +1761,9 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1761 if (remaining_words > 0) { 1761 if (remaining_words > 0) {
1762 len = UniStrnlen((wchar_t *)bcc_ptr, 1762 len = UniStrnlen((wchar_t *)bcc_ptr,
1763 remaining_words-1); 1763 remaining_words-1);
1764 ses->serverNOS =cifs_kcalloc(2 * (len + 1),GFP_KERNEL); 1764 ses->serverNOS = kcalloc(1, 2 * (len + 1),GFP_KERNEL);
1765 if(ses->serverNOS == NULL)
1766 goto sesssetup_nomem;
1765 cifs_strfromUCS_le(ses->serverNOS, 1767 cifs_strfromUCS_le(ses->serverNOS,
1766 (wchar_t *)bcc_ptr,len,nls_codepage); 1768 (wchar_t *)bcc_ptr,len,nls_codepage);
1767 bcc_ptr += 2 * (len + 1); 1769 bcc_ptr += 2 * (len + 1);
@@ -1774,10 +1776,12 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1774 } 1776 }
1775 remaining_words -= len + 1; 1777 remaining_words -= len + 1;
1776 if (remaining_words > 0) { 1778 if (remaining_words > 0) {
1777 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words); 1779 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
1778 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */ 1780 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
1779 ses->serverDomain = 1781 ses->serverDomain =
1780 cifs_kcalloc(2*(len+1),GFP_KERNEL); 1782 kcalloc(1, 2*(len+1),GFP_KERNEL);
1783 if(ses->serverDomain == NULL)
1784 goto sesssetup_nomem;
1781 cifs_strfromUCS_le(ses->serverDomain, 1785 cifs_strfromUCS_le(ses->serverDomain,
1782 (wchar_t *)bcc_ptr,len,nls_codepage); 1786 (wchar_t *)bcc_ptr,len,nls_codepage);
1783 bcc_ptr += 2 * (len + 1); 1787 bcc_ptr += 2 * (len + 1);
@@ -1785,21 +1789,25 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1785 ses->serverDomain[1+(2*len)] = 0; 1789 ses->serverDomain[1+(2*len)] = 0;
1786 } /* else no more room so create dummy domain string */ 1790 } /* else no more room so create dummy domain string */
1787 else 1791 else
1788 ses->serverDomain = 1792 ses->serverDomain =
1789 cifs_kcalloc(2, 1793 kcalloc(1, 2, GFP_KERNEL);
1790 GFP_KERNEL);
1791 } else { /* no room so create dummy domain and NOS string */ 1794 } else { /* no room so create dummy domain and NOS string */
1795 /* if these kcallocs fail not much we
1796 can do, but better to not fail the
1797 sesssetup itself */
1792 ses->serverDomain = 1798 ses->serverDomain =
1793 cifs_kcalloc(2, GFP_KERNEL); 1799 kcalloc(1, 2, GFP_KERNEL);
1794 ses->serverNOS = 1800 ses->serverNOS =
1795 cifs_kcalloc(2, GFP_KERNEL); 1801 kcalloc(1, 2, GFP_KERNEL);
1796 } 1802 }
1797 } else { /* ASCII */ 1803 } else { /* ASCII */
1798 len = strnlen(bcc_ptr, 1024); 1804 len = strnlen(bcc_ptr, 1024);
1799 if (((long) bcc_ptr + len) - (long) 1805 if (((long) bcc_ptr + len) - (long)
1800 pByteArea(smb_buffer_response) 1806 pByteArea(smb_buffer_response)
1801 <= BCC(smb_buffer_response)) { 1807 <= BCC(smb_buffer_response)) {
1802 ses->serverOS = cifs_kcalloc(len + 1,GFP_KERNEL); 1808 ses->serverOS = kcalloc(1, len + 1,GFP_KERNEL);
1809 if(ses->serverOS == NULL)
1810 goto sesssetup_nomem;
1803 strncpy(ses->serverOS,bcc_ptr, len); 1811 strncpy(ses->serverOS,bcc_ptr, len);
1804 1812
1805 bcc_ptr += len; 1813 bcc_ptr += len;
@@ -1807,14 +1815,18 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1807 bcc_ptr++; 1815 bcc_ptr++;
1808 1816
1809 len = strnlen(bcc_ptr, 1024); 1817 len = strnlen(bcc_ptr, 1024);
1810 ses->serverNOS = cifs_kcalloc(len + 1,GFP_KERNEL); 1818 ses->serverNOS = kcalloc(1, len + 1,GFP_KERNEL);
1819 if(ses->serverNOS == NULL)
1820 goto sesssetup_nomem;
1811 strncpy(ses->serverNOS, bcc_ptr, len); 1821 strncpy(ses->serverNOS, bcc_ptr, len);
1812 bcc_ptr += len; 1822 bcc_ptr += len;
1813 bcc_ptr[0] = 0; 1823 bcc_ptr[0] = 0;
1814 bcc_ptr++; 1824 bcc_ptr++;
1815 1825
1816 len = strnlen(bcc_ptr, 1024); 1826 len = strnlen(bcc_ptr, 1024);
1817 ses->serverDomain = cifs_kcalloc(len + 1,GFP_KERNEL); 1827 ses->serverDomain = kcalloc(1, len + 1,GFP_KERNEL);
1828 if(ses->serverDomain == NULL)
1829 goto sesssetup_nomem;
1818 strncpy(ses->serverDomain, bcc_ptr, len); 1830 strncpy(ses->serverDomain, bcc_ptr, len);
1819 bcc_ptr += len; 1831 bcc_ptr += len;
1820 bcc_ptr[0] = 0; 1832 bcc_ptr[0] = 0;
@@ -1834,7 +1846,9 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1834 smb_buffer_response->WordCount)); 1846 smb_buffer_response->WordCount));
1835 rc = -EIO; 1847 rc = -EIO;
1836 } 1848 }
1837 1849sesssetup_nomem: /* do not return an error on nomem for the info strings,
1850 since that could make reconnection harder, and
1851 reconnection might be needed to free memory */
1838 if (smb_buffer) 1852 if (smb_buffer)
1839 cifs_buf_release(smb_buffer); 1853 cifs_buf_release(smb_buffer);
1840 1854
@@ -2011,7 +2025,7 @@ CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2011 the end since (at least) WIN2K and Windows XP have a major bug in not null 2025 the end since (at least) WIN2K and Windows XP have a major bug in not null
2012 terminating last Unicode string in response */ 2026 terminating last Unicode string in response */
2013 ses->serverOS = 2027 ses->serverOS =
2014 cifs_kcalloc(2 * (len + 1), GFP_KERNEL); 2028 kcalloc(1, 2 * (len + 1), GFP_KERNEL);
2015 cifs_strfromUCS_le(ses->serverOS, 2029 cifs_strfromUCS_le(ses->serverOS,
2016 (wchar_t *) 2030 (wchar_t *)
2017 bcc_ptr, len, 2031 bcc_ptr, len,
@@ -2025,7 +2039,7 @@ CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2025 remaining_words 2039 remaining_words
2026 - 1); 2040 - 1);
2027 ses->serverNOS = 2041 ses->serverNOS =
2028 cifs_kcalloc(2 * (len + 1), 2042 kcalloc(1, 2 * (len + 1),
2029 GFP_KERNEL); 2043 GFP_KERNEL);
2030 cifs_strfromUCS_le(ses->serverNOS, 2044 cifs_strfromUCS_le(ses->serverNOS,
2031 (wchar_t *)bcc_ptr, 2045 (wchar_t *)bcc_ptr,
@@ -2038,7 +2052,7 @@ CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2038 if (remaining_words > 0) { 2052 if (remaining_words > 0) {
2039 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words); 2053 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2040 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */ 2054 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2041 ses->serverDomain = cifs_kcalloc(2*(len+1),GFP_KERNEL); 2055 ses->serverDomain = kcalloc(1, 2*(len+1),GFP_KERNEL);
2042 cifs_strfromUCS_le(ses->serverDomain, 2056 cifs_strfromUCS_le(ses->serverDomain,
2043 (wchar_t *)bcc_ptr, 2057 (wchar_t *)bcc_ptr,
2044 len, 2058 len,
@@ -2049,10 +2063,10 @@ CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2049 } /* else no more room so create dummy domain string */ 2063 } /* else no more room so create dummy domain string */
2050 else 2064 else
2051 ses->serverDomain = 2065 ses->serverDomain =
2052 cifs_kcalloc(2,GFP_KERNEL); 2066 kcalloc(1, 2,GFP_KERNEL);
2053 } else { /* no room so create dummy domain and NOS string */ 2067 } else { /* no room so create dummy domain and NOS string */
2054 ses->serverDomain = cifs_kcalloc(2, GFP_KERNEL); 2068 ses->serverDomain = kcalloc(1, 2, GFP_KERNEL);
2055 ses->serverNOS = cifs_kcalloc(2, GFP_KERNEL); 2069 ses->serverNOS = kcalloc(1, 2, GFP_KERNEL);
2056 } 2070 }
2057 } else { /* ASCII */ 2071 } else { /* ASCII */
2058 2072
@@ -2060,7 +2074,7 @@ CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2060 if (((long) bcc_ptr + len) - (long) 2074 if (((long) bcc_ptr + len) - (long)
2061 pByteArea(smb_buffer_response) 2075 pByteArea(smb_buffer_response)
2062 <= BCC(smb_buffer_response)) { 2076 <= BCC(smb_buffer_response)) {
2063 ses->serverOS = cifs_kcalloc(len + 1, GFP_KERNEL); 2077 ses->serverOS = kcalloc(1, len + 1, GFP_KERNEL);
2064 strncpy(ses->serverOS, bcc_ptr, len); 2078 strncpy(ses->serverOS, bcc_ptr, len);
2065 2079
2066 bcc_ptr += len; 2080 bcc_ptr += len;
@@ -2068,14 +2082,14 @@ CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2068 bcc_ptr++; 2082 bcc_ptr++;
2069 2083
2070 len = strnlen(bcc_ptr, 1024); 2084 len = strnlen(bcc_ptr, 1024);
2071 ses->serverNOS = cifs_kcalloc(len + 1,GFP_KERNEL); 2085 ses->serverNOS = kcalloc(1, len + 1,GFP_KERNEL);
2072 strncpy(ses->serverNOS, bcc_ptr, len); 2086 strncpy(ses->serverNOS, bcc_ptr, len);
2073 bcc_ptr += len; 2087 bcc_ptr += len;
2074 bcc_ptr[0] = 0; 2088 bcc_ptr[0] = 0;
2075 bcc_ptr++; 2089 bcc_ptr++;
2076 2090
2077 len = strnlen(bcc_ptr, 1024); 2091 len = strnlen(bcc_ptr, 1024);
2078 ses->serverDomain = cifs_kcalloc(len + 1, GFP_KERNEL); 2092 ses->serverDomain = kcalloc(1, len + 1, GFP_KERNEL);
2079 strncpy(ses->serverDomain, bcc_ptr, len); 2093 strncpy(ses->serverDomain, bcc_ptr, len);
2080 bcc_ptr += len; 2094 bcc_ptr += len;
2081 bcc_ptr[0] = 0; 2095 bcc_ptr[0] = 0;
@@ -2325,7 +2339,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2325 the end since (at least) WIN2K and Windows XP have a major bug in not null 2339 the end since (at least) WIN2K and Windows XP have a major bug in not null
2326 terminating last Unicode string in response */ 2340 terminating last Unicode string in response */
2327 ses->serverOS = 2341 ses->serverOS =
2328 cifs_kcalloc(2 * (len + 1), GFP_KERNEL); 2342 kcalloc(1, 2 * (len + 1), GFP_KERNEL);
2329 cifs_strfromUCS_le(ses->serverOS, 2343 cifs_strfromUCS_le(ses->serverOS,
2330 (wchar_t *) 2344 (wchar_t *)
2331 bcc_ptr, len, 2345 bcc_ptr, len,
@@ -2340,7 +2354,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2340 remaining_words 2354 remaining_words
2341 - 1); 2355 - 1);
2342 ses->serverNOS = 2356 ses->serverNOS =
2343 cifs_kcalloc(2 * (len + 1), 2357 kcalloc(1, 2 * (len + 1),
2344 GFP_KERNEL); 2358 GFP_KERNEL);
2345 cifs_strfromUCS_le(ses-> 2359 cifs_strfromUCS_le(ses->
2346 serverNOS, 2360 serverNOS,
@@ -2357,7 +2371,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2357 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words); 2371 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2358 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */ 2372 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2359 ses->serverDomain = 2373 ses->serverDomain =
2360 cifs_kcalloc(2 * 2374 kcalloc(1, 2 *
2361 (len + 2375 (len +
2362 1), 2376 1),
2363 GFP_KERNEL); 2377 GFP_KERNEL);
@@ -2383,13 +2397,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2383 } /* else no more room so create dummy domain string */ 2397 } /* else no more room so create dummy domain string */
2384 else 2398 else
2385 ses->serverDomain = 2399 ses->serverDomain =
2386 cifs_kcalloc(2, 2400 kcalloc(1, 2,
2387 GFP_KERNEL); 2401 GFP_KERNEL);
2388 } else { /* no room so create dummy domain and NOS string */ 2402 } else { /* no room so create dummy domain and NOS string */
2389 ses->serverDomain = 2403 ses->serverDomain =
2390 cifs_kcalloc(2, GFP_KERNEL); 2404 kcalloc(1, 2, GFP_KERNEL);
2391 ses->serverNOS = 2405 ses->serverNOS =
2392 cifs_kcalloc(2, GFP_KERNEL); 2406 kcalloc(1, 2, GFP_KERNEL);
2393 } 2407 }
2394 } else { /* ASCII */ 2408 } else { /* ASCII */
2395 len = strnlen(bcc_ptr, 1024); 2409 len = strnlen(bcc_ptr, 1024);
@@ -2397,7 +2411,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2397 pByteArea(smb_buffer_response) 2411 pByteArea(smb_buffer_response)
2398 <= BCC(smb_buffer_response)) { 2412 <= BCC(smb_buffer_response)) {
2399 ses->serverOS = 2413 ses->serverOS =
2400 cifs_kcalloc(len + 1, 2414 kcalloc(1, len + 1,
2401 GFP_KERNEL); 2415 GFP_KERNEL);
2402 strncpy(ses->serverOS, 2416 strncpy(ses->serverOS,
2403 bcc_ptr, len); 2417 bcc_ptr, len);
@@ -2408,7 +2422,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2408 2422
2409 len = strnlen(bcc_ptr, 1024); 2423 len = strnlen(bcc_ptr, 1024);
2410 ses->serverNOS = 2424 ses->serverNOS =
2411 cifs_kcalloc(len + 1, 2425 kcalloc(1, len + 1,
2412 GFP_KERNEL); 2426 GFP_KERNEL);
2413 strncpy(ses->serverNOS, bcc_ptr, len); 2427 strncpy(ses->serverNOS, bcc_ptr, len);
2414 bcc_ptr += len; 2428 bcc_ptr += len;
@@ -2417,7 +2431,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2417 2431
2418 len = strnlen(bcc_ptr, 1024); 2432 len = strnlen(bcc_ptr, 1024);
2419 ses->serverDomain = 2433 ses->serverDomain =
2420 cifs_kcalloc(len + 1, 2434 kcalloc(1, len + 1,
2421 GFP_KERNEL); 2435 GFP_KERNEL);
2422 strncpy(ses->serverDomain, bcc_ptr, len); 2436 strncpy(ses->serverDomain, bcc_ptr, len);
2423 bcc_ptr += len; 2437 bcc_ptr += len;
@@ -2719,7 +2733,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2719 the end since (at least) WIN2K and Windows XP have a major bug in not null 2733 the end since (at least) WIN2K and Windows XP have a major bug in not null
2720 terminating last Unicode string in response */ 2734 terminating last Unicode string in response */
2721 ses->serverOS = 2735 ses->serverOS =
2722 cifs_kcalloc(2 * (len + 1), GFP_KERNEL); 2736 kcalloc(1, 2 * (len + 1), GFP_KERNEL);
2723 cifs_strfromUCS_le(ses->serverOS, 2737 cifs_strfromUCS_le(ses->serverOS,
2724 (wchar_t *) 2738 (wchar_t *)
2725 bcc_ptr, len, 2739 bcc_ptr, len,
@@ -2734,7 +2748,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2734 remaining_words 2748 remaining_words
2735 - 1); 2749 - 1);
2736 ses->serverNOS = 2750 ses->serverNOS =
2737 cifs_kcalloc(2 * (len + 1), 2751 kcalloc(1, 2 * (len + 1),
2738 GFP_KERNEL); 2752 GFP_KERNEL);
2739 cifs_strfromUCS_le(ses-> 2753 cifs_strfromUCS_le(ses->
2740 serverNOS, 2754 serverNOS,
@@ -2750,7 +2764,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2750 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words); 2764 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2751 /* last string not always null terminated (e.g. for Windows XP & 2000) */ 2765 /* last string not always null terminated (e.g. for Windows XP & 2000) */
2752 ses->serverDomain = 2766 ses->serverDomain =
2753 cifs_kcalloc(2 * 2767 kcalloc(1, 2 *
2754 (len + 2768 (len +
2755 1), 2769 1),
2756 GFP_KERNEL); 2770 GFP_KERNEL);
@@ -2775,17 +2789,17 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2775 = 0; 2789 = 0;
2776 } /* else no more room so create dummy domain string */ 2790 } /* else no more room so create dummy domain string */
2777 else 2791 else
2778 ses->serverDomain = cifs_kcalloc(2,GFP_KERNEL); 2792 ses->serverDomain = kcalloc(1, 2,GFP_KERNEL);
2779 } else { /* no room so create dummy domain and NOS string */ 2793 } else { /* no room so create dummy domain and NOS string */
2780 ses->serverDomain = cifs_kcalloc(2, GFP_KERNEL); 2794 ses->serverDomain = kcalloc(1, 2, GFP_KERNEL);
2781 ses->serverNOS = cifs_kcalloc(2, GFP_KERNEL); 2795 ses->serverNOS = kcalloc(1, 2, GFP_KERNEL);
2782 } 2796 }
2783 } else { /* ASCII */ 2797 } else { /* ASCII */
2784 len = strnlen(bcc_ptr, 1024); 2798 len = strnlen(bcc_ptr, 1024);
2785 if (((long) bcc_ptr + len) - 2799 if (((long) bcc_ptr + len) -
2786 (long) pByteArea(smb_buffer_response) 2800 (long) pByteArea(smb_buffer_response)
2787 <= BCC(smb_buffer_response)) { 2801 <= BCC(smb_buffer_response)) {
2788 ses->serverOS = cifs_kcalloc(len + 1,GFP_KERNEL); 2802 ses->serverOS = kcalloc(1, len + 1,GFP_KERNEL);
2789 strncpy(ses->serverOS,bcc_ptr, len); 2803 strncpy(ses->serverOS,bcc_ptr, len);
2790 2804
2791 bcc_ptr += len; 2805 bcc_ptr += len;
@@ -2793,14 +2807,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2793 bcc_ptr++; 2807 bcc_ptr++;
2794 2808
2795 len = strnlen(bcc_ptr, 1024); 2809 len = strnlen(bcc_ptr, 1024);
2796 ses->serverNOS = cifs_kcalloc(len+1,GFP_KERNEL); 2810 ses->serverNOS = kcalloc(1, len+1,GFP_KERNEL);
2797 strncpy(ses->serverNOS, bcc_ptr, len); 2811 strncpy(ses->serverNOS, bcc_ptr, len);
2798 bcc_ptr += len; 2812 bcc_ptr += len;
2799 bcc_ptr[0] = 0; 2813 bcc_ptr[0] = 0;
2800 bcc_ptr++; 2814 bcc_ptr++;
2801 2815
2802 len = strnlen(bcc_ptr, 1024); 2816 len = strnlen(bcc_ptr, 1024);
2803 ses->serverDomain = cifs_kcalloc(len+1,GFP_KERNEL); 2817 ses->serverDomain = kcalloc(1, len+1,GFP_KERNEL);
2804 strncpy(ses->serverDomain, bcc_ptr, len); 2818 strncpy(ses->serverDomain, bcc_ptr, len);
2805 bcc_ptr += len; 2819 bcc_ptr += len;
2806 bcc_ptr[0] = 0; 2820 bcc_ptr[0] = 0;
@@ -2912,7 +2926,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2912 if(tcon->nativeFileSystem) 2926 if(tcon->nativeFileSystem)
2913 kfree(tcon->nativeFileSystem); 2927 kfree(tcon->nativeFileSystem);
2914 tcon->nativeFileSystem = 2928 tcon->nativeFileSystem =
2915 cifs_kcalloc(length + 2, GFP_KERNEL); 2929 kcalloc(1, length + 2, GFP_KERNEL);
2916 cifs_strfromUCS_le(tcon->nativeFileSystem, 2930 cifs_strfromUCS_le(tcon->nativeFileSystem,
2917 (wchar_t *) bcc_ptr, 2931 (wchar_t *) bcc_ptr,
2918 length, nls_codepage); 2932 length, nls_codepage);
@@ -2930,7 +2944,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2930 if(tcon->nativeFileSystem) 2944 if(tcon->nativeFileSystem)
2931 kfree(tcon->nativeFileSystem); 2945 kfree(tcon->nativeFileSystem);
2932 tcon->nativeFileSystem = 2946 tcon->nativeFileSystem =
2933 cifs_kcalloc(length + 1, GFP_KERNEL); 2947 kcalloc(1, length + 1, GFP_KERNEL);
2934 strncpy(tcon->nativeFileSystem, bcc_ptr, 2948 strncpy(tcon->nativeFileSystem, bcc_ptr,
2935 length); 2949 length);
2936 } 2950 }
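Review bot: The allocation-failure checks were added only in cifs_parse_mount_options and CIFSSessSetup; the same `kcalloc` results in CIFSSpnegoSessSetup, CIFSNTLMSSPNegotiateSessSetup, CIFSNTLMSSPAuthSessSetup and CIFSTCon are still passed straight to `cifs_strfromUCS_le` or `strncpy`. A failed allocation at those sites becomes a write through NULL while parsing a server response. Each site needs the guard used in CIFSSessSetup, `if(ses->serverOS == NULL) goto sesssetup_nomem;`, with an equivalent cleanup label per function, and in CIFSTCon the copy should be skipped when `tcon->nativeFileSystem` is NULL. Those functions' bodies and exit paths lie outside the hunks, so the right label in each has to be confirmed there. The two `printk("CIFS: no memory for pass\n")` calls would also be clearer with an explicit log level such as `KERN_WARNING`.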