
Commit 0d4b46b

smb3.11: replace a 4 with server->vals->header_preamble_size
More cleanup of use of hardcoded 4 byte RFC1001 field size Signed-off-by: Steve French <[email protected]> Reviewed-by: Pavel Shilovsky <[email protected]> Reviewed-by: Ronnie Sahlberg <[email protected]>
1 parent 9fdd2e0 commit 0d4b46b


2 files changed

+9
-5
lines changed


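--- a/fs/cifs/smb2misc.c
+++ b/fs/cifs/smb2misc.c
@@ -94,7 +94,8 @@ static const __le16 smb2_rsp_struct_sizes[NUMBER_OF_SMB2_COMMANDS] = {
 };
 
 #ifdef CONFIG_CIFS_SMB311
-static __u32 get_neg_ctxt_len(struct smb2_hdr *hdr, __u32 len, __u32 non_ctxlen)
+static __u32 get_neg_ctxt_len(struct smb2_hdr *hdr, __u32 len, __u32 non_ctxlen,
+size_t hdr_preamble_size)
 {
 __u16 neg_count;
 __u32 nc_offset, size_of_pad_before_neg_ctxts;
@@ -108,11 +109,12 @@ static __u32 get_neg_ctxt_len(struct smb2_hdr *hdr, __u32 len, __u32 non_ctxlen)
 
 /* Make sure that negotiate contexts start after gss security blob */
 nc_offset = le32_to_cpu(pneg_rsp->NegotiateContextOffset);
-if (nc_offset < non_ctxlen - 4 /* RFC1001 len field */) {
+if (nc_offset < non_ctxlen - hdr_preamble_size /* RFC1001 len */) {
 printk_once(KERN_WARNING "invalid negotiate context offset\n");
 return 0;
 }
-size_of_pad_before_neg_ctxts = nc_offset - (non_ctxlen - 4);
+size_of_pad_before_neg_ctxts = nc_offset -
+(non_ctxlen - hdr_preamble_size);
 
 /* Verify that at least minimal negotiate contexts fit within frame */
 if (len < nc_offset + (neg_count * sizeof(struct smb2_neg_context))) {
@@ -235,7 +237,8 @@ smb2_check_message(char *buf, unsigned int length, struct TCP_Server_Info *srvr)
 
 #ifdef CONFIG_CIFS_SMB311
 if (shdr->Command == SMB2_NEGOTIATE)
-clc_len += get_neg_ctxt_len(hdr, len, clc_len);
+clc_len += get_neg_ctxt_len(hdr, len, clc_len,
+srvr->vals->header_preamble_size);
 #endif /* SMB311 */
 if (srvr->vals->header_preamble_size + len != clc_len) {
 cifs_dbg(FYI, "Calculated size %u length %zu mismatch mid %llu\n",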
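Review bot: In get_neg_ctxt_len the expression `non_ctxlen - hdr_preamble_size` is now written twice and mixes `__u32` operands with a `size_t`, while the precondition that `non_ctxlen` already includes the preamble (and so is never smaller than it) is stated nowhere. The offset guard does reject the wrapped value if that precondition is ever broken, but a reader has to work that out from the unsigned arithmetic. I would compute the value once into a local, `non_ctxt_end = non_ctxlen - hdr_preamble_size;`, use it in both the check and the pad calculation, and add a comment such as `/* NegotiateContextOffset is relative to the SMB2 header, i.e. after the RFC1001 length field; non_ctxlen includes that field */`. The function body is split across two hunks and is not fully visible here, so the local's declaration belongs with the others at the top of the function.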

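--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -474,7 +474,8 @@ static int smb311_decode_neg_context(struct smb2_negotiate_rsp *rsp,
 if (len_of_ctxts < sizeof(struct smb2_neg_context))
 break;
 
-pctx = (struct smb2_neg_context *)(offset + 4 + (char *)rsp);
+pctx = (struct smb2_neg_context *)(offset +
+server->vals->header_preamble_size + (char *)rsp);
 clen = le16_to_cpu(pctx->DataLength);
 if (clen > len_of_ctxts)
 break;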
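Review bot: The rewritten `pctx` expression puts the base pointer last and leaves its contract implicit: it is only correct while `rsp` points at the RFC1001 length field and `offset` is measured from the SMB2 header that follows it. Writing it base-first, `pctx = (struct smb2_neg_context *)((char *)rsp + server->vals->header_preamble_size + offset);`, with a comment like `/* offset is relative to the SMB2 header; rsp still starts at the RFC1001 preamble */`, would make that dependency visible to whoever later changes the preamble size. `offset` appears to come from the server's negotiate response and its bounds check is outside this hunk, as is the declaration of `server`, so both are worth confirming against the full function. The lines shown here only bound `len_of_ctxts` and `clen`.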
