diff options
Diffstat (limited to 'fs/cifs/connect.c')
| -rw-r--r-- | fs/cifs/connect.c | 43 |
1 files changed, 28 insertions, 15 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 9d6d9a09d973..8b341a8599f8 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -278,7 +278,7 @@ static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB) | |||
| 278 | total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount); | 278 | total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount); |
| 279 | 279 | ||
| 280 | if (total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) { | 280 | if (total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) { |
| 281 | cFYI(1, ("total data sizes of primary and secondary t2 differ")); | 281 | cFYI(1, ("total data size of primary and secondary t2 differ")); |
| 282 | } | 282 | } |
| 283 | 283 | ||
| 284 | total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount); | 284 | total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount); |
| @@ -1036,7 +1036,8 @@ cifs_parse_mount_options(char *options, const char *devname, | |||
| 1036 | } | 1036 | } |
| 1037 | } else if (strnicmp(data, "iocharset", 9) == 0) { | 1037 | } else if (strnicmp(data, "iocharset", 9) == 0) { |
| 1038 | if (!value || !*value) { | 1038 | if (!value || !*value) { |
| 1039 | printk(KERN_WARNING "CIFS: invalid iocharset specified\n"); | 1039 | printk(KERN_WARNING "CIFS: invalid iocharset " |
| 1040 | "specified\n"); | ||
| 1040 | return 1; /* needs_arg; */ | 1041 | return 1; /* needs_arg; */ |
| 1041 | } | 1042 | } |
| 1042 | if (strnlen(value, 65) < 65) { | 1043 | if (strnlen(value, 65) < 65) { |
| @@ -1046,7 +1047,8 @@ cifs_parse_mount_options(char *options, const char *devname, | |||
| 1046 | is used by caller */ | 1047 | is used by caller */ |
| 1047 | cFYI(1, ("iocharset set to %s", value)); | 1048 | cFYI(1, ("iocharset set to %s", value)); |
| 1048 | } else { | 1049 | } else { |
| 1049 | printk(KERN_WARNING "CIFS: iocharset name too long.\n"); | 1050 | printk(KERN_WARNING "CIFS: iocharset name " |
| 1051 | "too long.\n"); | ||
| 1050 | return 1; | 1052 | return 1; |
| 1051 | } | 1053 | } |
| 1052 | } else if (strnicmp(data, "uid", 3) == 0) { | 1054 | } else if (strnicmp(data, "uid", 3) == 0) { |
| @@ -1098,7 +1100,7 @@ cifs_parse_mount_options(char *options, const char *devname, | |||
| 1098 | } | 1100 | } |
| 1099 | } else if (strnicmp(data, "netbiosname", 4) == 0) { | 1101 | } else if (strnicmp(data, "netbiosname", 4) == 0) { |
| 1100 | if (!value || !*value || (*value == ' ')) { | 1102 | if (!value || !*value || (*value == ' ')) { |
| 1101 | cFYI(1, ("invalid (empty) netbiosname specified")); | 1103 | cFYI(1, ("invalid (empty) netbiosname")); |
| 1102 | } else { | 1104 | } else { |
| 1103 | memset(vol->source_rfc1001_name, 0x20, 15); | 1105 | memset(vol->source_rfc1001_name, 0x20, 15); |
| 1104 | for (i = 0; i < 15; i++) { | 1106 | for (i = 0; i < 15; i++) { |
| @@ -2827,7 +2829,8 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, | |||
| 2827 | bcc_ptr++; | 2829 | bcc_ptr++; |
| 2828 | } else | 2830 | } else |
| 2829 | cFYI(1, | 2831 | cFYI(1, |
| 2830 | ("Variable field of length %d extends beyond end of smb", | 2832 | ("field of length %d " |
| 2833 | "extends beyond end of smb", | ||
| 2831 | len)); | 2834 | len)); |
| 2832 | } | 2835 | } |
| 2833 | } else { | 2836 | } else { |
| @@ -2990,13 +2993,17 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
| 2990 | cpu_to_le16(len); | 2993 | cpu_to_le16(len); |
| 2991 | } | 2994 | } |
| 2992 | 2995 | ||
| 2993 | /* SecurityBlob->WorkstationName.Length = cifs_strtoUCS((__le16 *) bcc_ptr, "AMACHINE",64, nls_codepage); | 2996 | /* SecurityBlob->WorkstationName.Length = |
| 2997 | cifs_strtoUCS((__le16 *) bcc_ptr, "AMACHINE",64, nls_codepage); | ||
| 2994 | SecurityBlob->WorkstationName.Length *= 2; | 2998 | SecurityBlob->WorkstationName.Length *= 2; |
| 2995 | SecurityBlob->WorkstationName.MaximumLength = cpu_to_le16(SecurityBlob->WorkstationName.Length); | 2999 | SecurityBlob->WorkstationName.MaximumLength = |
| 2996 | SecurityBlob->WorkstationName.Buffer = cpu_to_le32(SecurityBlobLength); | 3000 | cpu_to_le16(SecurityBlob->WorkstationName.Length); |
| 3001 | SecurityBlob->WorkstationName.Buffer = | ||
| 3002 | cpu_to_le32(SecurityBlobLength); | ||
| 2997 | bcc_ptr += SecurityBlob->WorkstationName.Length; | 3003 | bcc_ptr += SecurityBlob->WorkstationName.Length; |
| 2998 | SecurityBlobLength += SecurityBlob->WorkstationName.Length; | 3004 | SecurityBlobLength += SecurityBlob->WorkstationName.Length; |
| 2999 | SecurityBlob->WorkstationName.Length = cpu_to_le16(SecurityBlob->WorkstationName.Length); */ | 3005 | SecurityBlob->WorkstationName.Length = |
| 3006 | cpu_to_le16(SecurityBlob->WorkstationName.Length); */ | ||
| 3000 | 3007 | ||
| 3001 | if ((long) bcc_ptr % 2) { | 3008 | if ((long) bcc_ptr % 2) { |
| 3002 | *bcc_ptr = 0; | 3009 | *bcc_ptr = 0; |
| @@ -3202,7 +3209,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
| 3202 | len = strnlen(bcc_ptr, 1024); | 3209 | len = strnlen(bcc_ptr, 1024); |
| 3203 | if (((long) bcc_ptr + len) - | 3210 | if (((long) bcc_ptr + len) - |
| 3204 | (long) pByteArea(smb_buffer_response) | 3211 | (long) pByteArea(smb_buffer_response) |
| 3205 | <= BCC(smb_buffer_response)) { | 3212 | <= BCC(smb_buffer_response)) { |
| 3206 | if (ses->serverOS) | 3213 | if (ses->serverOS) |
| 3207 | kfree(ses->serverOS); | 3214 | kfree(ses->serverOS); |
| 3208 | ses->serverOS = kzalloc(len + 1,GFP_KERNEL); | 3215 | ses->serverOS = kzalloc(len + 1,GFP_KERNEL); |
| @@ -3216,7 +3223,8 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
| 3216 | kfree(ses->serverNOS); | 3223 | kfree(ses->serverNOS); |
| 3217 | ses->serverNOS = kzalloc(len+1, | 3224 | ses->serverNOS = kzalloc(len+1, |
| 3218 | GFP_KERNEL); | 3225 | GFP_KERNEL); |
| 3219 | strncpy(ses->serverNOS, bcc_ptr, len); | 3226 | strncpy(ses->serverNOS, |
| 3227 | bcc_ptr, len); | ||
| 3220 | bcc_ptr += len; | 3228 | bcc_ptr += len; |
| 3221 | bcc_ptr[0] = 0; | 3229 | bcc_ptr[0] = 0; |
| 3222 | bcc_ptr++; | 3230 | bcc_ptr++; |
| @@ -3224,19 +3232,24 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses, | |||
| 3224 | len = strnlen(bcc_ptr, 1024); | 3232 | len = strnlen(bcc_ptr, 1024); |
| 3225 | if (ses->serverDomain) | 3233 | if (ses->serverDomain) |
| 3226 | kfree(ses->serverDomain); | 3234 | kfree(ses->serverDomain); |
| 3227 | ses->serverDomain = kzalloc(len+1,GFP_KERNEL); | 3235 | ses->serverDomain = |
| 3228 | strncpy(ses->serverDomain, bcc_ptr, len); | 3236 | kzalloc(len+1, |
| 3237 | GFP_KERNEL); | ||
| 3238 | strncpy(ses->serverDomain, | ||
| 3239 | bcc_ptr, len); | ||
| 3229 | bcc_ptr += len; | 3240 | bcc_ptr += len; |
| 3230 | bcc_ptr[0] = 0; | 3241 | bcc_ptr[0] = 0; |
| 3231 | bcc_ptr++; | 3242 | bcc_ptr++; |
| 3232 | } else | 3243 | } else |
| 3233 | cFYI(1, | 3244 | cFYI(1, |
| 3234 | ("Variable field of length %d extends beyond end of smb ", | 3245 | ("field of length %d " |
| 3246 | "extends beyond end of smb ", | ||
| 3235 | len)); | 3247 | len)); |
| 3236 | } | 3248 | } |
| 3237 | } else { | 3249 | } else { |
| 3238 | cERROR(1, | 3250 | cERROR(1, |
| 3239 | (" Security Blob Length extends beyond end of SMB")); | 3251 | (" Security Blob extends beyond end " |
| 3252 | "of SMB")); | ||
| 3240 | } | 3253 | } |
| 3241 | } else { | 3254 | } else { |
| 3242 | cERROR(1, ("No session structure passed in.")); | 3255 | cERROR(1, ("No session structure passed in.")); |