android_kernel_samsung_sm8650/fs/cifs
David Disseldorp f4523cd498 cifs: fix negotiate context parsing
[ Upstream commit 5105a7ffce19160e7062aee67fb6b3b8a1b56d78 ]

smb311_decode_neg_context() doesn't properly check against SMB packet
boundaries prior to accessing individual negotiate context entries. This
is due to the length check omitting the eight byte smb2_neg_context
header, as well as incorrect decrementing of len_of_ctxts.

Fixes: 5100d8a3fe ("SMB311: Improve checking of negotiate security contexts")
Reported-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Paulo Alcantara (SUSE) <pc@manguebit.com>
Signed-off-by: David Disseldorp <ddiss@suse.de>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-04-20 12:35:14 +02:00
asn1.c cifs: decoding negTokenInit with generic ASN1 decoder 2021-06-20 21:28:17 -05:00
cached_dir.c cifs: fix dentry lookups in directory handle cache 2023-03-30 12:49:21 +02:00
cached_dir.h cifs: drop the lease for cached directories on rmdir or rename 2022-10-19 17:57:41 -05:00
cifs_debug.c cifs: print session id while listing open files 2023-03-30 12:49:21 +02:00
cifs_debug.h smb3: add dynamic trace points for tree disconnect 2022-10-05 01:31:18 -05:00
cifs_dfs_ref.c cifs: support nested dfs links over reconnect 2021-11-10 16:30:13 -06:00
cifs_fs_sb.h cifs: support nested dfs links over reconnect 2021-11-10 16:30:13 -06:00
cifs_ioctl.h smb3: improve SMB3 change notification support 2022-10-15 10:05:53 -05:00
cifs_spnego_negtokeninit.asn1 cifs: decoding negTokenInit with generic ASN1 decoder 2021-06-20 21:28:17 -05:00
cifs_spnego.c cifs: use the chans_need_reconnect bitmap for reconnect status 2022-01-02 20:38:46 -06:00
cifs_spnego.h cifs: use the chans_need_reconnect bitmap for reconnect status 2022-01-02 20:38:46 -06:00
cifs_swn.c smb3: add dynamic trace points for tree disconnect 2022-10-05 01:31:18 -05:00
cifs_swn.h cifs: simplify SWN code with dummy funcs instead of ifdefs 2021-04-25 16:28:22 -05:00
cifs_unicode.c cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
cifs_unicode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifs_uniupr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
cifsacl.c cifs: Fix uninitialized memory reads for oparms.mode 2023-03-10 09:34:05 +01:00
cifsacl.h cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
cifsencrypt.c cifs: fix potential memory leaks in session setup 2023-02-01 08:34:32 +01:00
cifsfs.c smb3: fix unusable share after force unmount failure 2023-03-30 12:49:14 +02:00
cifsfs.h cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL 2023-04-06 12:10:50 +02:00
cifsglob.h cifs: fix oops during encryption 2022-12-21 17:48:11 +01:00
cifspdu.h cifs: Replace a couple of one-element arrays with flexible-array members 2022-10-05 17:42:38 -05:00
cifsproto.h cifs: prevent data race in cifs_reconnect_tcon() 2023-04-06 12:10:33 +02:00
cifsroot.c cifs: move from strlcpy with unused retval to strscpy 2022-08-19 11:02:26 -05:00
cifssmb.c cifs: prevent infinite recursion in CIFSGetDFSRefer() 2023-04-06 12:10:50 +02:00
connect.c cifs: avoid race conditions with parallel reconnects 2023-04-06 12:10:34 +02:00
dfs_cache.c cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() 2023-02-06 08:06:33 +01:00
dfs_cache.h cifs: support share failover when remounting 2021-07-22 11:43:23 -05:00
dir.c cifs: Fix uninitialized memory reads for oparms.mode 2023-03-10 09:34:05 +01:00
dns_resolve.c cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
dns_resolve.h cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
export.c cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
file.c cifs: Fix uninitialized memory reads for oparms.mode 2023-03-10 09:34:05 +01:00
fs_context.c cifs: sanitize paths in cifs_update_super_prepath. 2023-04-13 16:55:32 +02:00
fs_context.h cifs: sanitize paths in cifs_update_super_prepath. 2023-04-13 16:55:32 +02:00
fscache.c use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
fscache.h cifs: Remove {cifs,nfs}_fscache_release_page() 2022-08-10 21:26:08 -05:00
inode.c cifs: Fix uninitialized memory reads for oparms.mode 2023-03-10 09:34:05 +01:00
ioctl.c cifs: Fix wrong return value checking when GETFLAGS 2022-11-16 00:21:04 -06:00
Kconfig cifs: Support fscache indexing rewrite 2022-01-19 11:21:08 -06:00
link.c cifs: append path to open_enter trace event 2023-03-30 12:49:20 +02:00
Makefile cifs: Move cached-dir functions into a separate file 2022-08-11 10:33:18 -05:00
misc.c cifs: sanitize paths in cifs_update_super_prepath. 2023-04-13 16:55:32 +02:00
netlink.c genetlink: start to validate reserved header bytes 2022-08-29 12:47:15 +01:00
netlink.h cifs: Register generic netlink family 2020-12-14 09:16:22 -06:00
netmisc.c cifs: remove unused server parameter from calc_smb_size() 2022-08-17 18:07:13 -05:00
nterr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
nterr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61 2019-05-24 17:36:45 +02:00
ntlmssp.h treewide: Replace zero-length arrays with flexible-array members 2022-02-17 07:00:39 -06:00
readdir.c cifs: improve symlink handling for smb2+ 2022-10-13 09:36:04 -05:00
rfc1002pdu.h cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
sess.c cifs: fix potential memory leaks in session setup 2023-02-01 08:34:32 +01:00
smb1ops.c cifs: Fix uninitialized memory reads for oparms.mode 2023-03-10 09:34:05 +01:00
smb2file.c cifs: don't leak -ENOMEM in smb2_open_file() 2022-12-31 13:32:56 +01:00
smb2glob.h smb3: move defines for ioctl protocol header and SMB2 sizes to smbfs_common 2022-03-26 23:09:20 -05:00
smb2inode.c cifs: append path to open_enter trace event 2023-03-30 12:49:20 +02:00
smb2maperror.c cifs: Create a new shared file holding smb2 pdu definitions 2021-11-05 09:50:57 -05:00
smb2misc.c cifs: avoid unnecessary iteration of tcp sessions 2022-11-04 23:34:40 -05:00
smb2ops.c cifs: empty interface list when server doesn't support query interfaces 2023-03-30 12:49:20 +02:00
smb2pdu.c cifs: fix negotiate context parsing 2023-04-20 12:35:14 +02:00
smb2pdu.h cifs: improve symlink handling for smb2+ 2022-10-13 09:36:04 -05:00
smb2proto.h smb3: improve SMB3 change notification support 2022-10-15 10:05:53 -05:00
smb2status.h cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
smb2transport.c cifs: avoid race conditions with parallel reconnects 2023-04-06 12:10:34 +02:00
smbdirect.c cifs: Fix warning and UAF when destroy the MR list 2023-03-10 09:33:25 +01:00
smbdirect.h Decrease the number of SMB3 smbdirect client SGEs 2022-10-05 01:29:21 -05:00
smbencrypt.c cifs: rename cifs_common to smbfs_common 2021-09-08 23:59:26 -05:00
smberr.h cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
trace.c smb3: Cleanup license mess 2019-01-24 09:37:33 -06:00
trace.h cifs: append path to open_enter trace event 2023-03-30 12:49:20 +02:00
transport.c cifs: Move the in_send statistic to __smb_send_rqst() 2023-03-22 13:33:39 +01:00
unc.c cifs: don't cargo-cult strndup() 2021-04-25 16:28:23 -05:00
winucase.c cifs: remove pathname for file from SPDX header 2021-09-13 14:51:10 -05:00
xattr.c cifs: when insecure legacy is disabled shrink amount of SMB1 code 2022-08-05 11:24:03 -05:00