[linux-cifs-client] [PATCH 2/2] cifs: Increase size of tmp_buf in
cifs_readdir to avoid potential overflows
Suresh Jayaraman
sjayaraman at suse.de
Mon Apr 20 13:24:36 GMT 2009
Increase size of tmp_buf to possible maximum to avoid potential
overflows.
Pointed-out-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Suresh Jayaraman <sjayaraman at suse.de>
---
fs/cifs/readdir.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
index 1a8be62..ebd0da7 100644
--- a/fs/cifs/readdir.c
+++ b/fs/cifs/readdir.c
@@ -1074,7 +1074,7 @@ int cifs_readdir(struct file *file, void *direntry, filldir_t filldir)
with the rare long characters alloc more to account for
such multibyte target UTF-8 characters. cifs_unicode.c,
which actually does the conversion, has the same limit */
- tmp_buf = kmalloc((2 * NAME_MAX) + 4, GFP_KERNEL);
+ tmp_buf = kmalloc((4 * NAME_MAX) + 2, GFP_KERNEL);
for (i = 0; (i < num_to_fill) && (rc == 0); i++) {
if (current_entry == NULL) {
/* evaluate whether this case is an error */
More information about the linux-cifs-client
mailing list