[linux-cifs-client] [PATCH] cifs: Read buffer overflow

Steve French smfrench at gmail.com
Mon Aug 3 14:43:21 MDT 2009


Jeff noticed a typo in your patch (maxword -> maxwords) - I will fix and
merge

On Sun, Aug 2, 2009 at 6:00 AM, Roel Kluin <roel.kluin at gmail.com> wrote:

> Check whether index is within bounds before testing the element.
>
> Signed-off-by: Roel Kluin <roel.kluin at gmail.com>
> ---
> diff --git a/fs/cifs/cifs_unicode.c b/fs/cifs/cifs_unicode.c
> index 60e3c42..cfdb831 100644
> --- a/fs/cifs/cifs_unicode.c
> +++ b/fs/cifs/cifs_unicode.c
> @@ -44,7 +44,7 @@ cifs_ucs2_bytes(const __le16 *from, int maxbytes,
>        int maxwords = maxbytes / 2;
>        char tmp[NLS_MAX_CHARSET_SIZE];
>
> -       for (i = 0; from[i] && i < maxwords; i++) {
> +       for (i = 0; i < maxword && from[i]; i++) {
>                charlen = codepage->uni2char(le16_to_cpu(from[i]), tmp,
>                                             NLS_MAX_CHARSET_SIZE);
>                if (charlen > 0)
>
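Review bot: the new loop condition on the `+` line tests `i < maxword`, but the variable declared in the context above it is `maxwords` (`int maxwords = maxbytes / 2;`), so the hunk as posted will not compile; the condition should read `i < maxwords && from[i]`. With that name fixed, the reordering does what the commit message says: the bound is evaluated first, `&&` short-circuits, and `from[i]` is no longer read once `i` reaches `maxwords`, whereas the removed line dereferenced `from[maxwords]` before checking the index when no terminating null word occurred earlier.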



-- 
Thanks,

Steve