]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e202a1e) | patch
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
authorNamjae Jeon <linkinjeon@kernel.org>
Sun, 23 Jul 2023 06:27:37 +0000 (15:27 +0900)
committerSteve French <stfrench@microsoft.com>
Sun, 23 Jul 2023 15:25:11 +0000 (10:25 -0500)
commit536bb492d39bb6c080c92f31e8a55fe9934f452b
treed88bd5f8284b25fd35f03fb188f160daf0c6e1a5tree | snapshot
parente202a1e8634b186da38cbbff85382ea2b9e297cfcommit | diff
ksmbd: fix out of bounds in init_smb2_rsp_hdr()

If client send smb2 negotiate request and then send smb1 negotiate
request, init_smb2_rsp_hdr is called for smb1 negotiate request since
need_neg is set to false. This patch ignore smb1 packets after ->need_neg
is set to false.

Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-21541
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/smb/server/server.c diff | blob | blame | history
fs/smb/server/smb_common.c diff | blob | blame | history
fs/smb/server/smb_common.h diff | blob | blame | history
A mirror of Linus' kernel repository