linux/fs/smb/server
Namjae Jeon 17cf0c2794 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
The response buffer should be allocated in smb2_allocate_rsp_buf
before validating request. But the fields in payload as well as smb2 header
is used in smb2_allocate_rsp_buf(). This patch add simple buffer size
validation to avoid potencial out-of-bounds in request buffer.

Cc: stable@vger.kernel.org
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
2024-04-19 20:48:47 -05:00
..
mgmt ksmbd: validate payload size in ipc response 2024-04-02 09:21:01 -05:00
asn1.c ksmbd: validate mech token in session setup 2024-01-14 11:39:49 -06:00
asn1.h
auth.c ksmbd: auth: fix most kernel-doc warnings 2024-01-09 12:52:33 -06:00
auth.h
connection.c ksmbd: fix UAF issue in ksmbd_tcp_new_connection() 2024-01-14 11:39:49 -06:00
connection.h ksmbd: fix UAF issue in ksmbd_tcp_new_connection() 2024-01-14 11:39:49 -06:00
crypto_ctx.c
crypto_ctx.h
glob.h ksmbd: remove module version 2024-03-18 21:21:38 -05:00
Kconfig ksmbd: remove experimental warning 2023-09-03 21:06:36 -05:00
ksmbd_netlink.h ksmbd: validate payload size in ipc response 2024-04-02 09:21:01 -05:00
ksmbd_spnego_negtokeninit.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
ksmbd_spnego_negtokentarg.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
ksmbd_work.c ksmbd: release interim response after sending status pending response 2023-11-23 20:50:45 -06:00
ksmbd_work.h ksmbd: fix wrong interim response on compound 2023-08-29 12:30:19 -05:00
Makefile
misc.c ksmbd: Add kernel-doc for ksmbd_extract_sharename() function 2024-02-07 20:23:37 -06:00
misc.h
ndr.c
ndr.h
nterr.h
ntlmssp.h
oplock.c ksmbd: Fix spelling mistake "connction" -> "connection" 2024-03-14 18:51:32 -05:00
oplock.h ksmbd: add support for durable handles v1/v2 2024-03-12 00:36:39 -05:00
server.c ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf 2024-04-19 20:48:47 -05:00
server.h
smb2misc.c ksmbd: fix potencial out-of-bounds when buffer offset is invalid 2024-03-18 21:21:33 -05:00
smb2ops.c ksmbd: do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1 2024-04-02 09:21:25 -05:00
smb2pdu.c ksmbd: validate request buffer size in smb2_allocate_rsp_buf() 2024-04-19 20:48:47 -05:00
smb2pdu.h ksmbd: add support for durable handles v1/v2 2024-03-12 00:36:39 -05:00
smb_common.c ksmbd: replace generic_fillattr with vfs_getattr 2024-03-12 00:36:39 -05:00
smb_common.h ksmbd: fix out of bounds in init_smb2_rsp_hdr() 2023-07-23 10:25:11 -05:00
smbacl.c ksmbd: free ppace array on error in parse_dacl 2024-01-09 19:27:36 -06:00
smbacl.h ksmbd: fix possible deadlock in smb2_open 2023-11-23 20:50:45 -06:00
smbfsctl.h
smbstatus.h
transport_ipc.c ksmbd: validate payload size in ipc response 2024-04-02 09:21:01 -05:00
transport_ipc.h
transport_rdma.c ksmbd: fix UAF issue in ksmbd_tcp_new_connection() 2024-01-14 11:39:49 -06:00
transport_rdma.h
transport_tcp.c smb: Fix some kernel-doc comments 2024-01-21 17:13:19 -06:00
transport_tcp.h
unicode.c ksmbd: add support for surrogate pair conversion 2023-10-22 19:06:27 -05:00
unicode.h fs/smb: Swing unicode common code from smb->NLS 2023-08-30 08:55:51 -05:00
vfs_cache.c ksmbd: add support for durable handles v1/v2 2024-03-12 00:36:39 -05:00
vfs_cache.h ksmbd: add support for durable handles v1/v2 2024-03-12 00:36:39 -05:00
vfs.c 9 ksmbd changesets 2024-03-20 16:42:47 -07:00
vfs.h ksmbd: fix possible deadlock in smb2_open 2023-11-23 20:50:45 -06:00
xattr.h