summaryrefslogtreecommitdiffstats
path: root/fs/cifs/connect.c
diff options
context:
space:
mode:
authorRonnie Sahlberg <lsahlber@redhat.com>2019-08-27 09:30:14 +1000
committerSteve French <stfrench@microsoft.com>2019-08-27 17:25:12 -0500
commit340625e618e1b37a72a02f07aa7144ae0ab0b19e (patch)
tree9bac6626dd3e1477a93301a84c7c797b7db5526c /fs/cifs/connect.c
parent478228e57f81f6cb60798d54fc02a74ea7dd267e (diff)
downloadlinux-340625e618e1b37a72a02f07aa7144ae0ab0b19e.tar.bz2
cifs: replace various strncpy with strscpy and similar
Using strscpy is cleaner, and avoids some problems with handling maximum length strings. Linus noticed the original problem and Aurelien pointed out some additional problems. Fortunately most of this is SMB1 code (and in particular the ASCII string handling older, which is less common). Reported-by: Linus Torvalds <torvalds@linux-foundation.org> Reviewed-by: Aurelien Aptel <aaptel@suse.com> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to 'fs/cifs/connect.c')
-rw-r--r--fs/cifs/connect.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index ddefddeffd06..5299effa6f7d 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -4231,16 +4231,19 @@ build_unc_path_to_root(const struct smb_vol *vol,
strlen(vol->prepath) + 1 : 0;
unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
+ if (unc_len > MAX_TREE_SIZE)
+ return ERR_PTR(-EINVAL);
+
full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
if (full_path == NULL)
return ERR_PTR(-ENOMEM);
- strncpy(full_path, vol->UNC, unc_len);
+ memcpy(full_path, vol->UNC, unc_len);
pos = full_path + unc_len;
if (pplen) {
*pos = CIFS_DIR_SEP(cifs_sb);
- strncpy(pos + 1, vol->prepath, pplen);
+ memcpy(pos + 1, vol->prepath, pplen);
pos += pplen;
}