lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Mar 2015 20:37:26 -0400 From: Jeff Layton <jlayton@...ba.org> To: Steve French <smfrench@...il.com> Cc: linux-cifs@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 2/4] [CIFS] Don't ignore errors on encrypting password in SMBTcon On Fri, 27 Mar 2015 00:28:00 -0500 Steve French <smfrench@...il.com> wrote: > Although unlikely to fail (and tree connect does not commonly send > a password since SECMODE_USER is the default for most servers) > do not ignore errors on SMBNTEncrypt in SMB Tree Connect. > > Reported by Coverity (CID 1226853) > > Signed-off-by: Steve French <smfrench@...il.com> > --- > fs/cifs/connect.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c > index 4cb8450..cdb1aaf 100644 > --- a/fs/cifs/connect.c > +++ b/fs/cifs/connect.c > @@ -3696,6 +3696,12 @@ CIFSTCon(const unsigned int xid, struct cifs_ses *ses, > #endif /* CIFS_WEAK_PW_HASH */ > rc = SMBNTencrypt(tcon->password, ses->server->cryptkey, > bcc_ptr, nls_codepage); > + if (rc) { > + cifs_dbg(FYI, "%s Can't generate NTLM rsp. Error: %d\n", > + __func__, rc); > + cifs_buf_release(smb_buffer); > + return rc; > + } > > bcc_ptr += CIFS_AUTH_RESP_SIZE; > if (ses->capabilities & CAP_UNICODE) { Acked-by: -- Jeff Layton <jlayton@...ba.org> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists