iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs/cifs
History
David Disseldorp f4523cd498 cifs: fix negotiate context parsing 
[ Upstream commit 5105a7ffce19160e7062aee67fb6b3b8a1b56d78 ]

smb311_decode_neg_context() doesn't properly check against SMB packet
boundaries prior to accessing individual negotiate context entries. This
is due to the length check omitting the eight byte smb2_neg_context
header, as well as incorrect decrementing of len_of_ctxts.

Fixes: 5100d8a3fe03 ("SMB311: Improve checking of negotiate security contexts")
Reported-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Paulo Alcantara (SUSE) <pc@manguebit.com>
Signed-off-by: David Disseldorp <ddiss@suse.de>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-04-20 12:35:14 +02:00
..
asn1.c
cifs: decoding negTokenInit with generic ASN1 decoder
2021-06-20 21:28:17 -05:00
cached_dir.c
cifs: fix dentry lookups in directory handle cache
2023-03-30 12:49:21 +02:00
cached_dir.h
cifs: drop the lease for cached directories on rmdir or rename
2022-10-19 17:57:41 -05:00
cifs_debug.c
cifs: print session id while listing open files
2023-03-30 12:49:21 +02:00
cifs_debug.h
smb3: add dynamic trace points for tree disconnect
2022-10-05 01:31:18 -05:00
cifs_dfs_ref.c
cifs: support nested dfs links over reconnect
2021-11-10 16:30:13 -06:00
cifs_fs_sb.h
cifs: support nested dfs links over reconnect
2021-11-10 16:30:13 -06:00
cifs_ioctl.h
smb3: improve SMB3 change notification support
2022-10-15 10:05:53 -05:00
cifs_spnego_negtokeninit.asn1
cifs: decoding negTokenInit with generic ASN1 decoder
2021-06-20 21:28:17 -05:00
cifs_spnego.c
cifs: use the chans_need_reconnect bitmap for reconnect status
2022-01-02 20:38:46 -06:00
cifs_spnego.h
cifs: use the chans_need_reconnect bitmap for reconnect status
2022-01-02 20:38:46 -06:00
cifs_swn.c
smb3: add dynamic trace points for tree disconnect
2022-10-05 01:31:18 -05:00
cifs_swn.h
cifs: simplify SWN code with dummy funcs instead of ifdefs
2021-04-25 16:28:22 -05:00
cifs_unicode.c
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
cifs_unicode.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
cifs_uniupr.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
2019-05-30 11:26:35 -07:00
cifsacl.c
cifs: Fix uninitialized memory reads for oparms.mode
2023-03-10 09:34:05 +01:00
cifsacl.h
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
cifsencrypt.c
cifs: fix potential memory leaks in session setup
2023-02-01 08:34:32 +01:00
cifsfs.c
smb3: fix unusable share after force unmount failure
2023-03-30 12:49:14 +02:00
cifsfs.h
cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
2023-04-06 12:10:50 +02:00
cifsglob.h
cifs: fix oops during encryption
2022-12-21 17:48:11 +01:00
cifspdu.h
cifs: Replace a couple of one-element arrays with flexible-array members
2022-10-05 17:42:38 -05:00
cifsproto.h
cifs: prevent data race in cifs_reconnect_tcon()
2023-04-06 12:10:33 +02:00
cifsroot.c
cifs: move from strlcpy with unused retval to strscpy
2022-08-19 11:02:26 -05:00
cifssmb.c
cifs: prevent infinite recursion in CIFSGetDFSRefer()
2023-04-06 12:10:50 +02:00
connect.c
cifs: avoid race conditions with parallel reconnects
2023-04-06 12:10:34 +02:00
dfs_cache.c
cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
2023-02-06 08:06:33 +01:00
dfs_cache.h
cifs: support share failover when remounting
2021-07-22 11:43:23 -05:00
dir.c
cifs: Fix uninitialized memory reads for oparms.mode
2023-03-10 09:34:05 +01:00
dns_resolve.c
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
dns_resolve.h
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
export.c
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
file.c
cifs: Fix uninitialized memory reads for oparms.mode
2023-03-10 09:34:05 +01:00
fs_context.c
cifs: sanitize paths in cifs_update_super_prepath.
2023-04-13 16:55:32 +02:00
fs_context.h
cifs: sanitize paths in cifs_update_super_prepath.
2023-04-13 16:55:32 +02:00
fscache.c
use less confusing names for iov_iter direction initializers
2023-02-09 11:28:04 +01:00
fscache.h
cifs: Remove {cifs,nfs}_fscache_release_page()
2022-08-10 21:26:08 -05:00
inode.c
cifs: Fix uninitialized memory reads for oparms.mode
2023-03-10 09:34:05 +01:00
ioctl.c
cifs: Fix wrong return value checking when GETFLAGS
2022-11-16 00:21:04 -06:00
Kconfig
cifs: Support fscache indexing rewrite
2022-01-19 11:21:08 -06:00
link.c
cifs: append path to open_enter trace event
2023-03-30 12:49:20 +02:00
Makefile
cifs: Move cached-dir functions into a separate file
2022-08-11 10:33:18 -05:00
misc.c
cifs: sanitize paths in cifs_update_super_prepath.
2023-04-13 16:55:32 +02:00
netlink.c
genetlink: start to validate reserved header bytes
2022-08-29 12:47:15 +01:00
netlink.h
cifs: Register generic netlink family
2020-12-14 09:16:22 -06:00
netmisc.c
cifs: remove unused server parameter from calc_smb_size()
2022-08-17 18:07:13 -05:00
nterr.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61
2019-05-24 17:36:45 +02:00
nterr.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 61
2019-05-24 17:36:45 +02:00
ntlmssp.h
treewide: Replace zero-length arrays with flexible-array members
2022-02-17 07:00:39 -06:00
readdir.c
cifs: improve symlink handling for smb2+
2022-10-13 09:36:04 -05:00
rfc1002pdu.h
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
sess.c
cifs: fix potential memory leaks in session setup
2023-02-01 08:34:32 +01:00
smb1ops.c
cifs: Fix uninitialized memory reads for oparms.mode
2023-03-10 09:34:05 +01:00
smb2file.c
cifs: don't leak -ENOMEM in smb2_open_file()
2022-12-31 13:32:56 +01:00
smb2glob.h
smb3: move defines for ioctl protocol header and SMB2 sizes to smbfs_common
2022-03-26 23:09:20 -05:00
smb2inode.c
cifs: append path to open_enter trace event
2023-03-30 12:49:20 +02:00
smb2maperror.c
cifs: Create a new shared file holding smb2 pdu definitions
2021-11-05 09:50:57 -05:00
smb2misc.c
cifs: avoid unnecessary iteration of tcp sessions
2022-11-04 23:34:40 -05:00
smb2ops.c
cifs: empty interface list when server doesn't support query interfaces
2023-03-30 12:49:20 +02:00
smb2pdu.c
cifs: fix negotiate context parsing
2023-04-20 12:35:14 +02:00
smb2pdu.h
cifs: improve symlink handling for smb2+
2022-10-13 09:36:04 -05:00
smb2proto.h
smb3: improve SMB3 change notification support
2022-10-15 10:05:53 -05:00
smb2status.h
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
smb2transport.c
cifs: avoid race conditions with parallel reconnects
2023-04-06 12:10:34 +02:00
smbdirect.c
cifs: Fix warning and UAF when destroy the MR list
2023-03-10 09:33:25 +01:00
smbdirect.h
Decrease the number of SMB3 smbdirect client SGEs
2022-10-05 01:29:21 -05:00
smbencrypt.c
cifs: rename cifs_common to smbfs_common
2021-09-08 23:59:26 -05:00
smberr.h
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
trace.c
trace.h
cifs: append path to open_enter trace event
2023-03-30 12:49:20 +02:00
transport.c
cifs: Move the in_send statistic to __smb_send_rqst()
2023-03-22 13:33:39 +01:00
unc.c
cifs: don't cargo-cult strndup()
2021-04-25 16:28:23 -05:00
winucase.c
cifs: remove pathname for file from SPDX header
2021-09-13 14:51:10 -05:00
xattr.c
cifs: when insecure legacy is disabled shrink amount of SMB1 code
2022-08-05 11:24:03 -05:00