diff options
| author | Jeff Layton <[email protected]> | 2014-02-14 07:21:00 -0500 |
|---|---|---|
| committer | Steve French <[email protected]> | 2014-02-23 20:55:07 -0600 |
| commit | a26054d184763969a411e3939fe243516715ff59 (patch) | |
| tree | 949134388a332f66f28a80d329263031e7136d43 /scripts/mod/file2alias.c | |
| parent | 6b1168e1617d9d4db73ef5276490627abf5adec4 (diff) | |
cifs: sanity check length of data to send before sending
We had a bug discovered recently where an upper layer function
(cifs_iovec_write) could pass down a smb_rqst with an invalid amount of
data in it. The length of the SMB frame would be correct, but the rqst
struct would cause smb_send_rqst to send nearly 4GB of data.
This should never be the case. Add some sanity checking to the beginning
of smb_send_rqst that ensures that the amount of data we're going to
send agrees with the length in the RFC1002 header. If it doesn't, WARN()
and return -EIO to the upper layers.
Signed-off-by: Jeff Layton <[email protected]>
Acked-by: Sachin Prabhu <[email protected]>
Reviewed-by: Pavel Shilovsky <[email protected]>
Signed-off-by: Steve French <[email protected]>
Diffstat (limited to 'scripts/mod/file2alias.c')
0 files changed, 0 insertions, 0 deletions