From 4b0df3bed780f36391d8fe0272b184d6b1c145b6 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 4 Nov 2017 09:52:42 +0100 Subject: [PATCH] cifs: check MaxPathNameComponentLength != 0 before using it Thanks: Andrew Chadwick Closes: #880504 --- debian/changelog | 6 ++- ...thNameComponentLength-0-before-using.patch | 42 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 debian/patches/bugfix/all/cifs-check-MaxPathNameComponentLength-0-before-using.patch diff --git a/debian/changelog b/debian/changelog index a0cbe97bf..cdd3c4339 100644 --- a/debian/changelog +++ b/debian/changelog @@ -47,7 +47,11 @@ linux (4.13.11-1) UNRELEASED; urgency=medium - [powerpc*] xive: Fix the size of the cpumask used in xive_find_target_in_mask() - -- Salvatore Bonaccorso Sat, 04 Nov 2017 08:41:02 +0100 + [ Salvatore Bonaccorso ] + * cifs: check MaxPathNameComponentLength != 0 before using it. + Thanks to Andrew Chadwick (Closes: #880504) + + -- Salvatore Bonaccorso Sat, 04 Nov 2017 09:54:41 +0100 linux (4.13.10-1) unstable; urgency=medium diff --git a/debian/patches/bugfix/all/cifs-check-MaxPathNameComponentLength-0-before-using.patch b/debian/patches/bugfix/all/cifs-check-MaxPathNameComponentLength-0-before-using.patch new file mode 100644 index 000000000..e2100a15f --- /dev/null +++ b/debian/patches/bugfix/all/cifs-check-MaxPathNameComponentLength-0-before-using.patch @@ -0,0 +1,42 @@ +From: Ronnie Sahlberg +Date: Mon, 30 Oct 2017 13:28:03 +1100 +Subject: cifs: check MaxPathNameComponentLength != 0 before using it +Origin: https://git.kernel.org/linus/f74bc7c6679200a4a83156bb89cbf6c229fe8ec0 +Bug-Debian: https://bugs.debian.org/880504 + +And fix tcon leak in error path. + +Signed-off-by: Ronnie Sahlberg +Signed-off-by: Steve French +CC: Stable +Reviewed-by: David Disseldorp +--- + fs/cifs/dir.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c +index e702d48bd023..81ba6e0d88d8 100644 +--- a/fs/cifs/dir.c ++++ b/fs/cifs/dir.c +@@ -204,7 +204,8 @@ check_name(struct dentry *direntry, struct cifs_tcon *tcon) + struct cifs_sb_info *cifs_sb = CIFS_SB(direntry->d_sb); + int i; + +- if (unlikely(direntry->d_name.len > ++ if (unlikely(tcon->fsAttrInfo.MaxPathNameComponentLength && ++ direntry->d_name.len > + le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength))) + return -ENAMETOOLONG; + +@@ -520,7 +521,7 @@ cifs_atomic_open(struct inode *inode, struct dentry *direntry, + + rc = check_name(direntry, tcon); + if (rc) +- goto out_free_xid; ++ goto out; + + server = tcon->ses->server; + +-- +2.11.0 + diff --git a/debian/patches/series b/debian/patches/series index dd78e73d1..c908afcb6 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -78,6 +78,7 @@ bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch bugfix/all/partially-revert-usb-kconfig-using-select-for-usb_co.patch bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch bugfix/all/bfq-re-enable-auto-loading-when-built-as-a-module.patch +bugfix/all/cifs-check-MaxPathNameComponentLength-0-before-using.patch # Miscellaneous features