aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/cifs/CHANGES6
-rw-r--r--fs/cifs/cifs_unicode.c6
-rw-r--r--fs/cifs/cifs_unicode.h7
-rw-r--r--fs/cifs/cifssmb.c12
-rw-r--r--fs/cifs/connect.c5
-rw-r--r--fs/cifs/sess.c8
6 files changed, 25 insertions, 19 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES
index 1bf818136276..1b0643c2eac6 100644
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@@ -2,7 +2,11 @@ Version 1.58
2------------ 2------------
3Guard against buffer overruns in various UCS-2 to UTF-8 string conversions 3Guard against buffer overruns in various UCS-2 to UTF-8 string conversions
4when the UTF-8 string is composed of unusually long (more than 4 byte) converted 4when the UTF-8 string is composed of unusually long (more than 4 byte) converted
5characters. 5characters. Add support for mounting root of a share which redirects immediately
6to DFS target. Convert string conversion functions from Unicode to more
7accurately mark string length before allocating memory (which may help the
8rare cases where a UTF-8 string is much larger than the UCS2 string that
9we converted from).
6 10
7Version 1.57 11Version 1.57
8------------ 12------------
diff --git a/fs/cifs/cifs_unicode.c b/fs/cifs/cifs_unicode.c
index 2a879cff3a40..6382720acf7c 100644
--- a/fs/cifs/cifs_unicode.c
+++ b/fs/cifs/cifs_unicode.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * fs/cifs/cifs_unicode.c 2 * fs/cifs/cifs_unicode.c
3 * 3 *
4 * Copyright (c) International Business Machines Corp., 2000,2005 4 * Copyright (c) International Business Machines Corp., 2000,2009
5 * Modified by Steve French (sfrench@us.ibm.com) 5 * Modified by Steve French (sfrench@us.ibm.com)
6 * 6 *
7 * This program is free software; you can redistribute it and/or modify 7 * This program is free software; you can redistribute it and/or modify
@@ -244,7 +244,7 @@ cifs_strtoUCS(__le16 *to, const char *from, int len,
244} 244}
245 245
246/* 246/*
247 * cifs_strndup - copy a string from wire format to the local codepage 247 * cifs_strndup_from_ucs - copy a string from wire format to the local codepage
248 * @src - source string 248 * @src - source string
249 * @maxlen - don't walk past this many bytes in the source string 249 * @maxlen - don't walk past this many bytes in the source string
250 * @is_unicode - is this a unicode string? 250 * @is_unicode - is this a unicode string?
@@ -255,7 +255,7 @@ cifs_strtoUCS(__le16 *to, const char *from, int len,
255 * error. 255 * error.
256 */ 256 */
257char * 257char *
258cifs_strndup(const char *src, const int maxlen, const bool is_unicode, 258cifs_strndup_from_ucs(const char *src, const int maxlen, const bool is_unicode,
259 const struct nls_table *codepage) 259 const struct nls_table *codepage)
260{ 260{
261 int len; 261 int len;
diff --git a/fs/cifs/cifs_unicode.h b/fs/cifs/cifs_unicode.h
index e620f0b42201..1570a701bf3f 100644
--- a/fs/cifs/cifs_unicode.h
+++ b/fs/cifs/cifs_unicode.h
@@ -5,7 +5,7 @@
5 * Convert a unicode character to upper or lower case using 5 * Convert a unicode character to upper or lower case using
6 * compressed tables. 6 * compressed tables.
7 * 7 *
8 * Copyright (c) International Business Machines Corp., 2000,2007 8 * Copyright (c) International Business Machines Corp., 2000,2009
9 * 9 *
10 * This program is free software; you can redistribute it and/or modify 10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by 11 * it under the terms of the GNU General Public License as published by
@@ -78,8 +78,9 @@ int cifs_ucs2_bytes(const __le16 *from, int maxbytes,
78 const struct nls_table *codepage); 78 const struct nls_table *codepage);
79int cifs_strfromUCS_le(char *, const __le16 *, int, const struct nls_table *); 79int cifs_strfromUCS_le(char *, const __le16 *, int, const struct nls_table *);
80int cifs_strtoUCS(__le16 *, const char *, int, const struct nls_table *); 80int cifs_strtoUCS(__le16 *, const char *, int, const struct nls_table *);
81char *cifs_strndup(const char *src, const int maxlen, const bool is_unicode, 81char *cifs_strndup_from_ucs(const char *src, const int maxlen,
82 const struct nls_table *codepage); 82 const bool is_unicode,
83 const struct nls_table *codepage);
83#endif 84#endif
84 85
85/* 86/*
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index dfb8e391d538..df5276e628bf 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * fs/cifs/cifssmb.c 2 * fs/cifs/cifssmb.c
3 * 3 *
4 * Copyright (C) International Business Machines Corp., 2002,2008 4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com) 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * 6 *
7 * Contains the routines for constructing the SMB PDUs themselves 7 * Contains the routines for constructing the SMB PDUs themselves
@@ -2457,7 +2457,7 @@ querySymLinkRetry:
2457 le16_to_cpu(pSMBr->t2.DataOffset); 2457 le16_to_cpu(pSMBr->t2.DataOffset);
2458 2458
2459 /* BB FIXME investigate remapping reserved chars here */ 2459 /* BB FIXME investigate remapping reserved chars here */
2460 *symlinkinfo = cifs_strndup(data_start, count, 2460 *symlinkinfo = cifs_strndup_from_ucs(data_start, count,
2461 pSMBr->hdr.Flags2 & 2461 pSMBr->hdr.Flags2 &
2462 SMBFLG2_UNICODE, 2462 SMBFLG2_UNICODE,
2463 nls_codepage); 2463 nls_codepage);
@@ -3965,8 +3965,8 @@ parse_DFS_referrals(TRANSACTION2_GET_DFS_REFER_RSP *pSMBr,
3965 /* copy DfsPath */ 3965 /* copy DfsPath */
3966 temp = (char *)ref + le16_to_cpu(ref->DfsPathOffset); 3966 temp = (char *)ref + le16_to_cpu(ref->DfsPathOffset);
3967 max_len = data_end - temp; 3967 max_len = data_end - temp;
3968 node->path_name = cifs_strndup(temp, max_len, is_unicode, 3968 node->path_name = cifs_strndup_from_ucs(temp, max_len,
3969 nls_codepage); 3969 is_unicode, nls_codepage);
3970 if (IS_ERR(node->path_name)) { 3970 if (IS_ERR(node->path_name)) {
3971 rc = PTR_ERR(node->path_name); 3971 rc = PTR_ERR(node->path_name);
3972 node->path_name = NULL; 3972 node->path_name = NULL;
@@ -3976,8 +3976,8 @@ parse_DFS_referrals(TRANSACTION2_GET_DFS_REFER_RSP *pSMBr,
3976 /* copy link target UNC */ 3976 /* copy link target UNC */
3977 temp = (char *)ref + le16_to_cpu(ref->NetworkAddressOffset); 3977 temp = (char *)ref + le16_to_cpu(ref->NetworkAddressOffset);
3978 max_len = data_end - temp; 3978 max_len = data_end - temp;
3979 node->node_name = cifs_strndup(temp, max_len, is_unicode, 3979 node->node_name = cifs_strndup_from_ucs(temp, max_len,
3980 nls_codepage); 3980 is_unicode, nls_codepage);
3981 if (IS_ERR(node->node_name)) { 3981 if (IS_ERR(node->node_name)) {
3982 rc = PTR_ERR(node->node_name); 3982 rc = PTR_ERR(node->node_name);
3983 node->node_name = NULL; 3983 node->node_name = NULL;
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 7e5d4fda4936..39f5362e2cb5 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1,7 +1,7 @@
1/* 1/*
2 * fs/cifs/connect.c 2 * fs/cifs/connect.c
3 * 3 *
4 * Copyright (C) International Business Machines Corp., 2002,2008 4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com) 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 * 6 *
7 * This library is free software; you can redistribute it and/or modify 7 * This library is free software; you can redistribute it and/or modify
@@ -3463,7 +3463,8 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3463 strncpy(tcon->treeName, tree, MAX_TREE_SIZE); 3463 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3464 3464
3465 /* mostly informational -- no need to fail on error here */ 3465 /* mostly informational -- no need to fail on error here */
3466 tcon->nativeFileSystem = cifs_strndup(bcc_ptr, bytes_left, 3466 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
3467 bytes_left,
3467 smb_buffer->Flags2 & 3468 smb_buffer->Flags2 &
3468 SMBFLG2_UNICODE, 3469 SMBFLG2_UNICODE,
3469 nls_codepage); 3470 nls_codepage);
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 93022dc9babb..2bcff17047ab 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -3,7 +3,7 @@
3 * 3 *
4 * SMB/CIFS session setup handling routines 4 * SMB/CIFS session setup handling routines
5 * 5 *
6 * Copyright (c) International Business Machines Corp., 2006, 2007 6 * Copyright (c) International Business Machines Corp., 2006, 2009
7 * Author(s): Steve French (sfrench@us.ibm.com) 7 * Author(s): Steve French (sfrench@us.ibm.com)
8 * 8 *
9 * This library is free software; you can redistribute it and/or modify 9 * This library is free software; you can redistribute it and/or modify
@@ -300,7 +300,7 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifsSesInfo *ses,
300 } 300 }
301 301
302 kfree(ses->serverOS); 302 kfree(ses->serverOS);
303 ses->serverOS = cifs_strndup(data, bleft, true, nls_cp); 303 ses->serverOS = cifs_strndup_from_ucs(data, bleft, true, nls_cp);
304 cFYI(1, ("serverOS=%s", ses->serverOS)); 304 cFYI(1, ("serverOS=%s", ses->serverOS));
305 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2; 305 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2;
306 data += len; 306 data += len;
@@ -309,7 +309,7 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifsSesInfo *ses,
309 return; 309 return;
310 310
311 kfree(ses->serverNOS); 311 kfree(ses->serverNOS);
312 ses->serverNOS = cifs_strndup(data, bleft, true, nls_cp); 312 ses->serverNOS = cifs_strndup_from_ucs(data, bleft, true, nls_cp);
313 cFYI(1, ("serverNOS=%s", ses->serverNOS)); 313 cFYI(1, ("serverNOS=%s", ses->serverNOS));
314 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2; 314 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2;
315 data += len; 315 data += len;
@@ -318,7 +318,7 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifsSesInfo *ses,
318 return; 318 return;
319 319
320 kfree(ses->serverDomain); 320 kfree(ses->serverDomain);
321 ses->serverDomain = cifs_strndup(data, bleft, true, nls_cp); 321 ses->serverDomain = cifs_strndup_from_ucs(data, bleft, true, nls_cp);
322 cFYI(1, ("serverDomain=%s", ses->serverDomain)); 322 cFYI(1, ("serverDomain=%s", ses->serverDomain));
323 323
324 return; 324 return;