diff options
| author |   Paulo Alcantara <pc@manguebit.org> | 2025-07-25 00:04:43 -0300 |
|---|---|---|
| committer |   Steve French <stfrench@microsoft.com> | 2025-07-27 16:59:59 -0500 |
| commit | be77ab6b9fbe348daf3c2d3ee40f23ca5110a339 (patch) | |
| tree | a3a4ba1f5d3f427c95902a94954b0745c9e232cb | |
| parent | cifs: add new field to track the last access time of cfid (diff) | |
| download | wireguard-linux-be77ab6b9fbe348daf3c2d3ee40f23ca5110a339.tar.xz wireguard-linux-be77ab6b9fbe348daf3c2d3ee40f23ca5110a339.zip | |
smb: client: allow parsing zero-length AV pairs
Zero-length AV pairs should be considered as valid target infos.
Don't skip the next AV pairs that follow them.
Cc: linux-cifs@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>
Fixes: 0e8ae9b953bc ("smb: client: parse av pair type 4 in CHALLENGE_MESSAGE")
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
| -rw-r--r-- | fs/smb/client/cifsencrypt.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/smb/client/cifsencrypt.c b/fs/smb/client/cifsencrypt.c index 35892df7335c..6be850d2a346 100644 --- a/fs/smb/client/cifsencrypt.c +++ b/fs/smb/client/cifsencrypt.c @@ -343,7 +343,7 @@ static struct ntlmssp2_name *find_next_av(struct cifs_ses *ses, len = AV_LEN(av); if (AV_TYPE(av) == NTLMSSP_AV_EOL) return NULL; - if (!len || (u8 *)av + sizeof(*av) + len > end) + if ((u8 *)av + sizeof(*av) + len > end) return NULL; return av; } @@ -363,7 +363,7 @@ static int find_av_name(struct cifs_ses *ses, u16 type, char **name, u16 maxlen) av_for_each_entry(ses, av) { len = AV_LEN(av); - if (AV_TYPE(av) != type) + if (AV_TYPE(av) != type || !len) continue; if (!IS_ALIGNED(len, sizeof(__le16))) { cifs_dbg(VFS | ONCE, "%s: bad length(%u) for type %u\n", |