lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <lsq.1554212308.350906277@decadent.org.uk>
Date:   Tue, 02 Apr 2019 14:38:28 +0100
From:   Ben Hutchings <ben@...adent.org.uk>
To:     linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC:     akpm@...ux-foundation.org, Denis Kirjanov <kda@...ux-powerpc.org>,
        "Dan Aloni" <dan@...nelim.com>,
        "Stephan Seitz" <stse+debian@...ng.rootsland.net>
Subject: [PATCH 3.16 98/99] Revert "cifs: empty TargetInfo leads to crash
 on recovery"

3.16.65-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Ben Hutchings <ben@...adent.org.uk>

Revert commit 36a0db05310fbee38b59fed7e1306c1a095f8c8f, a minimal
backport of commit cabfb3680f78981d26c078a26e5c748531257ebb upstream.
We need a complete backport to avoid a regression for SMB3
authenticated mounts.

Reported-by: Stephan Seitz <stse+debian@...ng.rootsland.net>
References: https://lists.debian.org/debian-lts/2019/03/msg00071.html
Cc: Dan Aloni <dan@...nelim.com>
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -608,7 +608,6 @@ SMB2_sess_setup(const unsigned int xid,
 	 */
 	kfree(ses->auth_key.response);
 	ses->auth_key.response = NULL;
-	ses->auth_key.len = 0;
 
 	/*
 	 * If memory allocation is successful, caller of this function
@@ -769,7 +768,6 @@ ssetup_exit:
 			rc = server->ops->generate_signingkey(ses);
 			kfree(ses->auth_key.response);
 			ses->auth_key.response = NULL;
-			ses->auth_key.len = 0;
 			if (rc) {
 				cifs_dbg(FYI,
 					"SMB3 session key generation failed\n");
@@ -794,7 +792,6 @@ keygen_exit:
 	if (!server->sign) {
 		kfree(ses->auth_key.response);
 		ses->auth_key.response = NULL;
-		ses->auth_key.len = 0;
 	}
 	kfree(ses->ntlmssp);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ