git.baikalelectronics.ru Git - kernel.git/commit
ksmbd: Fix wrong return value and message length check in smb2_ioctl()
author Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Mon, 26 Sep 2022 03:36:30 +0000 (11:36 +0800)
committer Steve French <stfrench@microsoft.com>
Wed, 5 Oct 2022 06:15:44 +0000 (01:15 -0500)
commit 23d38143f85d862d0fef88d891f22e0eecc04a62
tree 881616b779f8774d3d4a5b4a0cc67a4fee16cc78
parent 16e6e9f1069d239783a6b77ff6e90faecc36ffde
ksmbd: Fix wrong return value and message length check in smb2_ioctl()

Commit e3170313dfb7 ("smb3: fix ksmbd bigendian bug in oplock
break, and move its struct to smbfs_common") uses the definition
of 'struct validate_negotiate_info_req' in smbfs_common, the
array length of 'Dialects' changed from 1 to 4, but the protocol
does not require the client to send all 4. This leads the request
which satisfies the protocol and server to fail.

So just ensure the request payload has the 'DialectCount' in
smb2_ioctl(), then fsctl_validate_negotiate_info() will use it
to validate the payload length and each dialect.

Also when the {in, out}_buf_len is less than the required, should
goto out to initialize the status in the response header.

Fixes: 1465e8a8b5bf ("ksmbd: add validation in smb2_ioctl")
Cc: stable@vger.kernel.org
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/ksmbd/smb2pdu.c
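
The length check described in the commit message, as an added user-space illustration (not the kernel patch, whose diff this page does not show): a check against the full structure size rejects a protocol-valid request carrying one dialect, while a two-stage check first requires 'DialectCount' to be present and then uses it to bound the array. The names `vneg_req`, `check_sizeof`, `check_counted` and `try_req` are hypothetical; the field layout follows MS-SMB2, and the payloads are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space mirror of the VALIDATE_NEGOTIATE_INFO request layout (MS-SMB2).
 * Assumption: fixed-width types stand in for the kernel's __le16/__le32. */
struct vneg_req {
    uint32_t Capabilities;
    uint8_t  Guid[16];
    uint16_t SecurityMode;
    uint16_t DialectCount;
    uint16_t Dialects[4];   /* capacity of 4; the client may send fewer */
} __attribute__((packed));

#define HDR_LEN offsetof(struct vneg_req, Dialects)  /* 24 bytes */

/* Over-strict check: demands room for all 4 dialect slots. */
static int check_sizeof(const uint8_t *buf, size_t len)
{
    (void)buf;
    return len >= sizeof(struct vneg_req) ? 0 : -1;
}

/* Two-stage check: DialectCount must be present, then it bounds the array. */
static int check_counted(const uint8_t *buf, size_t len)
{
    size_t off = offsetof(struct vneg_req, DialectCount);
    if (len < HDR_LEN)
        return -1;                                   /* count field missing */
    uint16_t count = (uint16_t)(buf[off] | (buf[off + 1] << 8)); /* LE wire */
    if (len < HDR_LEN + (size_t)count * sizeof(uint16_t))
        return -1;                                   /* claims more than sent */
    return 0;
}

/* Constructed input: zeroed payload of `len` bytes claiming `claimed` dialects. */
static int try_req(int counted, uint16_t claimed, size_t len)
{
    uint8_t buf[64] = {0};
    buf[offsetof(struct vneg_req, DialectCount)] = (uint8_t)claimed;
    buf[offsetof(struct vneg_req, DialectCount) + 1] = (uint8_t)(claimed >> 8);
    return counted ? check_counted(buf, len) : check_sizeof(buf, len);
}

int main(void)
{
    printf("1 dialect, 26 bytes: sizeof=%d counted=%d\n", try_req(0, 1, 26), try_req(1, 1, 26));
    printf("claims 4, sends 1:   counted=%d\n", try_req(1, 4, 26));
    return 0;
}
```

The second case is the one the count-based check exists for: a payload whose 'DialectCount' claims more entries than the buffer holds must be rejected before any dialect is read.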