| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d7a7ce57-f486-491e-9002-cc8cfc115521@linux.dev>
Date: Mon, 17 Nov 2025 09:06:15 +0800
From: ChenXiaoSong <chenxiaosong.chenxiaosong@...ux.dev>
To: Namjae Jeon <linkinjeon@...nel.org>
Cc: sfrench@...ba.org, smfrench@...il.com, linkinjeon@...ba.org,
christophe.jaillet@...adoo.fr, linux-cifs@...r.kernel.org,
linux-kernel@...r.kernel.org, chenxiaosong@...nxiaosong.com
Subject: Re: [PATCH v8 1/1] smb: move FILE_SYSTEM_ATTRIBUTE_INFO to
common/fscc.h
Hi Namjae,
I have confirmed that when FileSystemName uses flexible array member,
fsAttrInfo in struct cifs_tcon does not include FileSystemName.
The following part in the CIFSSMBQFSAttributeInfo() function is correct,
we cannot add MAX_FS_NAME_LEN to sizeof(FILE_SYSTEM_ATTRIBUTE_INFO).
```c
CIFSSMBQFSAttributeInfo()
{
...
memcpy(&tcon->fsAttrInfo, response_data,
sizeof(FILE_SYSTEM_ATTRIBUTE_INFO)); // it's correct here
...
}
```
And in the following part of the SMB2_QFS_attr() function, we should
change it to `memcpy(..., min_t(..., min_len))`.
```c
SMB2_QFS_attr()
{
...
if (level == FS_ATTRIBUTE_INFORMATION)
memcpy(&tcon->fsAttrInfo, offset
+ (char *)rsp, min_t(unsigned int,
rsp_len, max_len)); // should use `min_len` here
...
}
```
Thanks,
ChenXiaoSong.
On 11/17/25 07:00, Namjae Jeon wrote:
> Did you check if it is being used here too?
> cifssmb.c:4866: sizeof(FILE_SYSTEM_ATTRIBUTE_INFO));
Powered by blists - more mailing lists