CIFS: fix max ea value size

commit 63d37fb4ce5ae7bf1e58f906d1bf25f036fe79b2 upstream. It should not be larger then the slab max buf size. If user specifies a larger size, it passes this check and goes straightly to SMB2_set_info_init performing an insecure memcpy. Signed-off-by: Murphy Zhou <jencce.kernel@gmail.com> Reviewed-by: Aurelien Aptel <aaptel@suse.com> CC: Stable <stable@vger.kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Murphy Zhou <jencce.kernel@gmail.com> 2019-09-21 14:26:00 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-10-05 16:12:36 +0300
commit: 9ea37d18a5bbedea0c65fcfa7c97ddec13ea618b (patch)
tree: 2a5c50d866a48aedbd075e14c0510477e37d1245
parent: 6bc7cc6a78a544df678972b89803a3a9efa7b6d7 (diff)
download: linux-9ea37d18a5bbedea0c65fcfa7c97ddec13ea618b.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/cifs/xattr.c b/fs/cifs/xattr.c
index 9076150758d8..db4ba8f6077e 100644
--- a/fs/cifs/xattr.c
+++ b/fs/cifs/xattr.c
@@ -31,7 +31,7 @@
 #include "cifs_fs_sb.h"
 #include "cifs_unicode.h"
 
-#define MAX_EA_VALUE_SIZE 65535
+#define MAX_EA_VALUE_SIZE CIFSMaxBufSize
 #define CIFS_XATTR_CIFS_ACL "system.cifs_acl"
 #define CIFS_XATTR_ATTRIB "cifs.dosattrib"  /* full name: user.cifs.dosattrib */
 #define CIFS_XATTR_CREATETIME "cifs.creationtime"  /* user.cifs.creationtime */
author	Murphy Zhou <jencce.kernel@gmail.com>	2019-09-21 14:26:00 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2019-10-05 16:12:36 +0300
commit	9ea37d18a5bbedea0c65fcfa7c97ddec13ea618b (patch)
tree	2a5c50d866a48aedbd075e14c0510477e37d1245
parent	6bc7cc6a78a544df678972b89803a3a9efa7b6d7 (diff)
download	linux-9ea37d18a5bbedea0c65fcfa7c97ddec13ea618b.tar.xz