[PATCH] smb: client: Fix format specifiers for size_t in parse_dfs_referrals()
Steve French
smfrench at gmail.com
Tue Oct 14 19:12:32 UTC 2025
Nathan,
Good catch. Have updated the patch with your change (rather than
having two patches) and added a Suggested-by. If you want a
Reviewed-by or Acked-by let me know.
Updated patch attached.
On Tue, Oct 14, 2025 at 1:33 PM Nathan Chancellor <nathan at kernel.org> wrote:
>
> When building for 32-bit platforms, for which 'size_t' is
> 'unsigned int', there are a couple instances of -Wformat:
>
> fs/smb/client/misc.c:922:25: error: format specifies type 'unsigned long' but the argument has type 'unsigned int' [-Werror,-Wformat]
> 921 | "%s: header is malformed (size is %u, must be %lu)\n",
> | ~~~
> | %u
> 922 | __func__, rsp_size, sizeof(*rsp));
> | ^~~~~~~~~~~~
> fs/smb/client/misc.c:940:5: error: format specifies type 'unsigned long' but the argument has type 'unsigned int' [-Werror,-Wformat]
> 938 | "%s: malformed buffer (size is %u, must be at least %lu)\n",
> | ~~~
> | %u
> 939 | __func__, rsp_size,
> 940 | sizeof(*rsp) + *num_of_nodes * sizeof(REFERRAL3));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Use the proper 'size_t' format specifier, '%zu', to clear up these
> warnings.
>
> Cc: stable at vger.kernel.org
> Fixes: c1047752ed9f ("cifs: parse_dfs_referrals: prevent oob on malformed input")
> Signed-off-by: Nathan Chancellor <nathan at kernel.org>
> ---
> Feel free to squash this into the original change to make backporting
> easier. I included the tags in case rebasing was not an option.
> ---
> fs/smb/client/misc.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/smb/client/misc.c b/fs/smb/client/misc.c
> index 987f0ca73123..e10123d8cd7d 100644
> --- a/fs/smb/client/misc.c
> +++ b/fs/smb/client/misc.c
> @@ -918,7 +918,7 @@ parse_dfs_referrals(struct get_dfs_referral_rsp *rsp, u32 rsp_size,
>
> if (rsp_size < sizeof(*rsp)) {
> cifs_dbg(VFS | ONCE,
> - "%s: header is malformed (size is %u, must be %lu)\n",
> + "%s: header is malformed (size is %u, must be %zu)\n",
> __func__, rsp_size, sizeof(*rsp));
> rc = -EINVAL;
> goto parse_DFS_referrals_exit;
> @@ -935,7 +935,7 @@ parse_dfs_referrals(struct get_dfs_referral_rsp *rsp, u32 rsp_size,
>
> if (sizeof(*rsp) + *num_of_nodes * sizeof(REFERRAL3) > rsp_size) {
> cifs_dbg(VFS | ONCE,
> - "%s: malformed buffer (size is %u, must be at least %lu)\n",
> + "%s: malformed buffer (size is %u, must be at least %zu)\n",
> __func__, rsp_size,
> sizeof(*rsp) + *num_of_nodes * sizeof(REFERRAL3));
> rc = -EINVAL;
>
> ---
> base-commit: 4e47319b091f90d5776efe96d6c198c139f34883
> change-id: 20251014-smb-client-fix-wformat-32b-parse_dfs_referrals-189b8c6fdf75
>
> Best regards,
> --
> Nathan Chancellor <nathan at kernel.org>
>
>
--
Thanks,
Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-cifs-parse_dfs_referrals-prevent-oob-on-malformed-in.patch
Type: text/x-patch
Size: 2087 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20251014/8ca4d122/0001-cifs-parse_dfs_referrals-prevent-oob-on-malformed-in.bin>
More information about the samba-technical
mailing list