]> git.ipfire.org Git - thirdparty/linux.git/blobdiff - fs/smb/client/connect.c
projects / thirdparty / linux.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
smb: client: fix OOB in cifsd when receiving compounded resps
[thirdparty/linux.git] / fs / smb / client / connect.c
diff --git a/fs/smb/client/connect.c b/fs/smb/client/connect.c
index 9dc6dc2754c2e9e16232e7053f4f5e460246174d..dd2a1fb65e71764472c463742fe15255a88fb5c6 100644 (file)
--- a/fs/smb/client/connect.c
+++ b/fs/smb/client/connect.c
@@ -1201,7 +1201,12 @@ next_pdu:
                server->total_read += length;
 
                if (server->ops->next_header) {
-                       next_offset = server->ops->next_header(buf);
+                       if (server->ops->next_header(server, buf, &next_offset)) {
+                               cifs_dbg(VFS, "%s: malformed response (next_offset=%u)\n",
+                                        __func__, next_offset);
+                               cifs_reconnect(server, true);
+                               continue;
+                       }
                        if (next_offset)
                                server->pdu_size = next_offset;
                }
A mirror of Linus' kernel repository