]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a9042db) | patch
ksmbd: fix integer overflows on 32 bit systems
authorDan Carpenter <dan.carpenter@linaro.org>
Wed, 15 Jan 2025 00:28:35 +0000 (09:28 +0900)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 13 Mar 2025 11:50:48 +0000 (12:50 +0100)
commitf3b9fb2764591d792d160f375851013665a9e820
tree299ba27cdd99263c0911cb0cba564a793b54db74tree
parenta9042dbc1ed4bf25a5f5c699d10c3d676abf8ca2commit | diff
ksmbd: fix integer overflows on 32 bit systems

[ Upstream commit aab98e2dbd648510f8f51b83fbf4721206ccae45 ]

On 32bit systems the addition operations in ipc_msg_alloc() can
potentially overflow leading to memory corruption.
Add bounds checking using KSMBD_IPC_MAX_PAYLOAD to avoid overflow.

Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers")
Cc: stable@vger.kernel.org
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
fs/ksmbd/transport_ipc.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git