ksmbd: fix out of bounds in init_smb2_rsp_hdr() - linux

diff options

author	Namjae Jeon <linkinjeon@kernel.org>	2023-07-23 08:27:37 +0200
committer	Steve French <stfrench@microsoft.com>	2023-07-23 17:25:11 +0200
commit	536bb492d39bb6c080c92f31e8a55fe9934f452b (patch)
tree	d88bd5f8284b25fd35f03fb188f160daf0c6e1a5 /fs/smb/server/unicode.h
parent	ksmbd: no response from compound read (diff)
download	linux-536bb492d39bb6c080c92f31e8a55fe9934f452b.tar.xz linux-536bb492d39bb6c080c92f31e8a55fe9934f452b.zip

ksmbd: fix out of bounds in init_smb2_rsp_hdr()

If client send smb2 negotiate request and then send smb1 negotiate request, init_smb2_rsp_hdr is called for smb1 negotiate request since need_neg is set to false. This patch ignore smb1 packets after ->need_neg is set to false. Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-21541 Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>

Diffstat (limited to 'fs/smb/server/unicode.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: