diff options
author | Suresh Jayaraman <sjayaraman@suse.de> | 2009-04-20 15:24:36 +0200 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2009-04-20 21:58:09 +0200 |
commit | 7b0c8fcff47a885743125dd843db64af41af5a61 (patch) | |
tree | 144e5390001c8e49ec2fd0fcdb9274d68e6b50bd | |
parent | cifs: Rename cifs_strncpy_to_host and fix buffer size (diff) | |
download | linux-7b0c8fcff47a885743125dd843db64af41af5a61.tar.xz linux-7b0c8fcff47a885743125dd843db64af41af5a61.zip |
cifs: Increase size of tmp_buf in cifs_readdir to avoid potential overflows
Increase size of tmp_buf to possible maximum to avoid potential
overflows.
Pointed-out-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/readdir.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c index 1a8be6228333..ebd0da7ecb3d 100644 --- a/fs/cifs/readdir.c +++ b/fs/cifs/readdir.c @@ -1074,7 +1074,7 @@ int cifs_readdir(struct file *file, void *direntry, filldir_t filldir) with the rare long characters alloc more to account for such multibyte target UTF-8 characters. cifs_unicode.c, which actually does the conversion, has the same limit */ - tmp_buf = kmalloc((2 * NAME_MAX) + 4, GFP_KERNEL); + tmp_buf = kmalloc((4 * NAME_MAX) + 2, GFP_KERNEL); for (i = 0; (i < num_to_fill) && (rc == 0); i++) { if (current_entry == NULL) { /* evaluate whether this case is an error */ |