linux/fs/cifs
Jeff Layton 08b37d518a cifs: ensure that vol->username is not NULL before running strlen on it
Dan Carpenter says:

The patch 04febabcf5: "cifs: sanitize username handling" from Jan
17, 2012, leads to the following static checker warning:

	fs/cifs/connect.c:2231 match_session()
	error: we previously assumed 'vol->username' could be null (see line 2228)

fs/cifs/connect.c
  2219                  /* NULL username means anonymous session */
  2220                  if (ses->user_name == NULL) {
  2221                          if (!vol->nullauth)
  2222                                  return 0;
  2223                          break;
  2224                  }
  2225
  2226                  /* anything else takes username/password */
  2227                  if (strncmp(ses->user_name,
  2228                              vol->username ? vol->username : "",
                                    ^^^^^^^^^^^^^
We added this check for vol->username here.

  2229                              CIFS_MAX_USERNAME_LEN))
  2230                          return 0;
  2231                  if (strlen(vol->username) != 0 &&
                                   ^^^^^^^^^^^^^
But this dereference is not checked.

  2232                      ses->password != NULL &&
  2233                      strncmp(ses->password,
  2234                              vol->password ? vol->password : "",
  2235                              CIFS_MAX_PASSWORD_LEN))
  2236                          return 0;

...fix this by ensuring that vol->username is not NULL before running
strlen on it.

Signed-off-by: Jeff Layton <jlayton@poochiereds.net>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steve French <smfrench@gmail.com>
2014-05-21 10:38:01 -07:00
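The guard described in the commit message above, as a user-space model (an added example, not the kernel source or the actual patch). The struct names, `MAX_CRED_LEN` and the sample credentials are assumptions; the field names follow the quoted listing.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: MAX_CRED_LEN and the struct names are assumptions,
 * not the kernel's definitions. */
#define MAX_CRED_LEN 256

struct vol_model { const char *username; const char *password; int nullauth; };
struct ses_model { const char *user_name; const char *password; };

/* Returns 1 when the existing session matches the requested credentials. */
int match_session_model(const struct ses_model *ses, const struct vol_model *vol)
{
    /* NULL username on the session means an anonymous session */
    if (ses->user_name == NULL)
        return vol->nullauth ? 1 : 0;

    /* A NULL requested username is compared as "" */
    if (strncmp(ses->user_name, vol->username ? vol->username : "",
                MAX_CRED_LEN))
        return 0;

    /* The NULL test comes first so that short-circuit && never hands a
     * NULL pointer to strlen(), the dereference the checker flagged. */
    if (vol->username != NULL && strlen(vol->username) != 0 &&
        ses->password != NULL &&
        strncmp(ses->password, vol->password ? vol->password : "",
                MAX_CRED_LEN))
        return 0;

    return 1;
}

int main(void)
{
    /* Constructed inputs: an empty session user name passes the first
     * compare against a NULL vol username and reaches the guarded check. */
    struct ses_model empty_user = { "", "pw" };
    struct vol_model no_user = { NULL, NULL, 0 };
    struct ses_model alice = { "alice", "s3cret" };
    struct vol_model wrong_pw = { "alice", "wrong", 0 };

    printf("NULL vol username: %d\n", match_session_model(&empty_user, &no_user));
    printf("password mismatch: %d\n", match_session_model(&alice, &wrong_pw));
    return 0;
}
```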
asn1.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cache.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cifs_debug.c cifs: try to handle the MUST SecurityFlags sanely 2013-06-26 17:31:55 -05:00
cifs_debug.h [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cifs_dfs_ref.c cifs: fix composing of mount options for DFS referrals 2013-05-24 13:08:31 -05:00
cifs_fs_sb.h cifs: rcu-delay unload_nls() and freeing sbi 2013-10-24 23:43:27 -04:00
cifs_spnego.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cifs_spnego.h [CIFS] Rename three structures to avoid camel case 2011-05-27 04:34:02 +00:00
cifs_unicode.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
cifs_unicode.h cifs: add new case-insensitive conversion routines that are based on wchar_t's 2013-09-08 14:38:05 -05:00
cifs_uniupr.h cifs: correction of unicode header files 2010-08-20 00:46:42 +00:00
cifsacl.c [CIFS] Fix cifsacl mounts over smb2 to not call cifs 2014-02-10 14:08:16 -06:00
cifsacl.h cifs: fix SID binary to string conversion 2012-12-11 11:48:49 -06:00
cifsencrypt.c cifs: Use data structures to compute NTLMv2 response offsets 2013-11-11 16:58:11 -06:00
cifsfs.c cifs: Set client guid on per connection basis 2014-05-21 10:18:05 -07:00
cifsfs.h Update cifs version number to 2.03 2014-05-21 10:18:05 -07:00
cifsglob.h cifs: Set client guid on per connection basis 2014-05-21 10:18:05 -07:00
cifspdu.h cifs: Use data structures to compute NTLMv2 response offsets 2013-11-11 16:58:11 -06:00
cifsproto.h cifs: Wait for writebacks to complete before attempting write. 2014-04-16 13:51:46 -05:00
cifssmb.c Return correct error on query of xattr on file with empty xattrs 2014-04-16 13:51:46 -05:00
connect.c cifs: ensure that vol->username is not NULL before running strlen on it 2014-05-21 10:38:01 -07:00
dir.c [CIFS] Fix cifsacl mounts over smb2 to not call cifs 2014-02-10 14:08:16 -06:00
dns_resolve.c cifs: fix composing of mount options for DFS referrals 2013-05-24 13:08:31 -05:00
dns_resolve.h DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
export.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
file.c cifs: fix potential races in cifs_revalidate_mapping 2014-05-21 10:18:05 -07:00
fscache.c NFS client updates for Linux 3.13 2013-11-08 05:57:46 +09:00
fscache.h CIFS: FS-Cache: Uncache unread pages in cifs_readpages() before freeing them 2013-09-18 10:17:03 -05:00
inode.c cifs: fix potential races in cifs_revalidate_mapping 2014-05-21 10:18:05 -07:00
ioctl.c fs: cifs: new helper: file_inode(file) 2014-05-21 10:18:05 -07:00
Kconfig [CIFS] SMB3 Signing enablement 2013-06-26 23:45:05 -05:00
link.c cifs: Fix check for regular file in couldbe_mf_symlink() 2014-01-31 09:06:43 -06:00
Makefile cifs: add new case-insensitive conversion routines that are based on wchar_t's 2013-09-08 14:38:05 -05:00
misc.c cifs: Wait for writebacks to complete before attempting write. 2014-04-16 13:51:46 -05:00
netmisc.c fs/cifs/netmisc.c: convert printk to pr_foo() 2014-05-21 10:18:05 -07:00
nterr.c CIFS: Rename 7 error codes to NT_ style 2012-07-24 10:25:10 -05:00
nterr.h CIFS: Rename 7 error codes to NT_ style 2012-07-24 10:25:10 -05:00
ntlmssp.h CIFS: Add session setup/logoff capability for SMB2 2012-07-24 21:54:57 +04:00
readdir.c cifs: Rename MF symlink function names 2014-01-20 00:13:54 -06:00
rfc1002pdu.h
sess.c cifs: Allow LANMAN auth method for servers supporting unencapsulated authentication methods 2013-10-07 09:57:11 -05:00
smb1ops.c cifs: Wait for writebacks to complete before attempting write. 2014-04-16 13:51:46 -05:00
smb2file.c CIFS: Store lease state itself rather than a mapped oplock value 2013-09-09 22:52:05 -05:00
smb2glob.h CIFS: Fix too big maxBuf size for SMB3 mounts 2014-02-14 16:50:47 -06:00
smb2inode.c CIFS: Fix symbolic links usage 2013-11-11 16:31:03 -06:00
smb2maperror.c cifs: change ERRnomem error mapping from ENOMEM to EREMOTEIO 2013-11-11 16:33:25 -06:00
smb2misc.c cifs: Wait for writebacks to complete before attempting write. 2014-04-16 13:51:46 -05:00
smb2ops.c Clarify SMB2/SMB3 create context and add missing ones 2014-05-21 10:18:06 -07:00
smb2pdu.c Clarify SMB2/SMB3 create context and add missing ones 2014-05-21 10:18:06 -07:00
smb2pdu.h Clarify SMB2/SMB3 create context and add missing ones 2014-05-21 10:18:06 -07:00
smb2proto.h [CIFS] clean up page array when uncached write send fails 2014-02-07 20:47:00 -06:00
smb2status.h CIFS: Add SMB2 status codes 2012-07-24 10:25:13 -05:00
smb2transport.c cifs: Send a logoff request before removing a smb session 2013-11-02 12:52:35 -05:00
smbencrypt.c [CIFS] cifs: Rename cERROR and cFYI to cifs_dbg 2013-05-04 22:17:23 -05:00
smberr.h cifs: map NT_STATUS_ERROR_WRITE_PROTECTED to -EROFS 2010-08-02 12:40:40 +00:00
smbfsctl.h Check SMB3 dialects against downgrade attacks 2013-11-19 23:52:54 -06:00
transport.c cifs: sanity check length of data to send before sending 2014-02-23 20:55:07 -06:00
winucase.c [CIFS] quiet sparse compile warning 2013-09-08 14:54:24 -05:00
xattr.c retrieving CIFS ACLs when mounted with SMB2 fails dropping session 2014-02-07 11:08:17 -06:00