[linux-cifs-client] [PATCH 1/3] cifs: Introduce helper to compute length of nls string in bytes

Jeff Layton jlayton at redhat.com
Thu Apr 23 05:56:19 GMT 2009


On Thu, 23 Apr 2009 02:49:21 +0200
Günter Kukkukk <linux at kukkukk.com> wrote:

> Just some further notes.
> With "it's heavily used" I didn't mean the number of callers using this
> function (only 1 in readdir.c) - I meant "the number of times" cifs_convertUCSpath()
> is called in daily usage.... (readdir results)
> 
> The current focus was mostly on cifs_strfromUCS_le() - but the _same_ applies
> to cifs_convertUCSpath()!
> 
> See the following code snippet: 
> 
> readdir.c --> static int cifs_get_name_from_search_buf()
> ....
> 
> 	if (unicode) {
> 		/* BB fixme - test with long names */
> 		/* Note converted filename can be longer than in unicode */
> 		if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR)
> 			pqst->len = cifs_convertUCSpath((char *)pqst->name,
> 					(__le16 *)filename, len/2, nlt);
> 		else
> 			pqst->len = cifs_strfromUCS_le((char *)pqst->name,
> 					(__le16 *)filename, len/2, nlt);
> 
> ....

I see what you mean. Good catch. That function also has broken buffer
length checking logic.

This patch is only compile-tested, but it should fix those problems. In
the long run, we probably need to make all of these functions take an
argument with the length of the destination buffer.

Let's plan that overhaul after Suresh's latest set goes in though.

-- 
Jeff Layton <jlayton at redhat.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-cifs-fix-length-checks-and-null-termination-in-cifs.patch
Type: text/x-patch
Size: 1893 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux-cifs-client/attachments/20090423/22899b7e/0001-cifs-fix-length-checks-and-null-termination-in-cifs.bin
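
The suggestion in the reply above, that these conversion helpers should take the length of the destination buffer, sketched in user-space C as an added example; it is not the attached patch and not CIFS code. `ucs2le_to_utf8_bounded` and the sample name are hypothetical, and UTF-8 encoding stands in for the kernel's NLS tables.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: two U+20AC units, 4 source bytes -> 6 UTF-8 bytes. */
static const uint8_t sample_name[] = { 0xAC, 0x20, 0xAC, 0x20 };

/* Hypothetical helper, not a kernel function. Converts up to nchars UCS-2LE
 * units to UTF-8, writing at most dstlen bytes including the NUL. Returns
 * bytes written (without the NUL) or -1 if the name does not fit. */
int ucs2le_to_utf8_bounded(char *dst, size_t dstlen,
			   const uint8_t *src, size_t nchars)
{
	size_t out = 0;

	if (dstlen == 0)
		return -1;
	for (size_t i = 0; i < nchars; i++) {
		uint16_t c = (uint16_t)(src[2 * i] | (src[2 * i + 1] << 8));
		size_t need;

		if (c == 0)			/* source terminator */
			break;
		if (c >= 0xD800 && c <= 0xDFFF)
			c = '?';		/* surrogate pairs are out of scope here */
		need = c < 0x80 ? 1 : c < 0x800 ? 2 : 3;
		if (need > dstlen - 1 - out) {	/* check first, keep room for NUL */
			dst[out] = '\0';
			return -1;
		}
		if (need == 3) {
			dst[out++] = (char)(0xE0 | (c >> 12));
			dst[out++] = (char)(0x80 | ((c >> 6) & 0x3F));
		} else if (need == 2) {
			dst[out++] = (char)(0xC0 | (c >> 6));
		}
		dst[out++] = (char)(need == 1 ? c : 0x80 | (c & 0x3F));
	}
	dst[out] = '\0';
	return (int)out;
}

int main(void)
{
	char sized_like_source[sizeof(sample_name) + 1], roomy[16];
	printf("%d %d\n",
	       ucs2le_to_utf8_bounded(sized_like_source, sizeof(sized_like_source), sample_name, 2),
	       ucs2le_to_utf8_bounded(roomy, sizeof(roomy), sample_name, 2));
	return 0;
}
```

A destination sized from the source byte count is too small for this name, which is the case the "converted filename can be longer than in unicode" comment in the quoted snippet warns about; the bounded helper reports it and leaves a terminated prefix.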

