diff options
| author | ZhangGuoDong <zhangguodong@kylinos.cn> | 2026-03-03 18:13:12 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2026-03-25 13:05:41 +0300 |
| commit | db93ff008d2ea031f0b9792e4100d1c504eb6f75 (patch) | |
| tree | 1203e16ee2ff3876a5d48f5dacff6a6f077c0bd0 /fs/smb/client | |
| parent | 99acd1ea3499ae09ae6b1378a273e54e0683b733 (diff) | |
| download | linux-db93ff008d2ea031f0b9792e4100d1c504eb6f75.tar.xz | |
smb/client: fix buffer size for smb311_posix_qinfo in SMB311_posix_query_info()
[ Upstream commit 9621b996e4db1dbc2b3dc5d5910b7d6179397320 ]
SMB311_posix_query_info() is currently unused, but it may still be used in
some stable versions, so these changes are submitted as a separate patch.
Use `sizeof(struct smb311_posix_qinfo)` instead of sizeof its pointer,
so the allocated buffer matches the actual struct size.
Fixes: b1bc1874b885 ("smb311: Add support for SMB311 query info (non-compounded)")
Reported-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
Signed-off-by: ZhangGuoDong <zhangguodong@kylinos.cn>
Reviewed-by: ChenXiaoSong <chenxiaosong@kylinos.cn>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'fs/smb/client')
| -rw-r--r-- | fs/smb/client/smb2pdu.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/smb/client/smb2pdu.c b/fs/smb/client/smb2pdu.c index d1d332f08883..094f431e428f 100644 --- a/fs/smb/client/smb2pdu.c +++ b/fs/smb/client/smb2pdu.c @@ -3927,7 +3927,7 @@ int SMB311_posix_query_info(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, u64 volatile_fid, struct smb311_posix_qinfo *data, u32 *plen) { - size_t output_len = sizeof(struct smb311_posix_qinfo *) + + size_t output_len = sizeof(struct smb311_posix_qinfo) + (sizeof(struct smb_sid) * 2) + (PATH_MAX * 2); *plen = 0; |