[kernel] r17879 - in dists/lenny/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Aug 2 05:47:10 UTC 2011
Author: dannf
Date: Tue Aug 2 05:47:09 2011
New Revision: 17879
Log:
cifs: fix an oops that can occur when accessing filenames containing
accented characters from a Windows ME server (Closes: #524438)
Added:
dists/lenny/linux-2.6/debian/patches/bugfix/all/cifs-check-that-last-search-entry-resume-key-is-valid.patch
dists/lenny/linux-2.6/debian/patches/bugfix/all/cifs-fix-saving-of-resume-key-before-CIFSFindNext.patch
Modified:
dists/lenny/linux-2.6/debian/changelog
dists/lenny/linux-2.6/debian/patches/series/27
Modified: dists/lenny/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny/linux-2.6/debian/changelog Sun Jul 31 17:19:18 2011 (r17878)
+++ dists/lenny/linux-2.6/debian/changelog Tue Aug 2 05:47:09 2011 (r17879)
@@ -31,6 +31,8 @@
- [x86] Flush TLB if PGD entry is changed in i386 PAE mode
- ext3: skip orphan cleanup on rocompat fs
- cciss: fix lost command issue
+ * cifs: fix an oops that can occur when accessing filenames containing
+ accented characters from a Windows ME server (Closes: #524438)
-- Ben Hutchings <ben at decadent.org.uk> Mon, 29 Nov 2010 02:01:24 +0000
Added: dists/lenny/linux-2.6/debian/patches/bugfix/all/cifs-check-that-last-search-entry-resume-key-is-valid.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny/linux-2.6/debian/patches/bugfix/all/cifs-check-that-last-search-entry-resume-key-is-valid.patch Tue Aug 2 05:47:09 2011 (r17879)
@@ -0,0 +1,72 @@
+commit b77d753c413e02559669df66e543869dad40c847
+Author: Steve French <sfrench at us.ibm.com>
+Date: Wed Oct 8 19:13:46 2008 +0000
+
+ [CIFS] Check that last search entry resume key is valid
+
+ Jeff's recent patch to add a last_entry field in the search structure
+ to better construct resume keys did not validate that the server
+ sent us a plausible pointer to the last entry. This adds that.
+
+ Signed-off-by: Steve French <sfrench at us.ibm.com>
+
+diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
+index 7b00a16..6f4ffe1 100644
+--- a/fs/cifs/cifssmb.c
++++ b/fs/cifs/cifssmb.c
+@@ -3614,6 +3614,8 @@ findFirstRetry:
+ /* BB remember to free buffer if error BB */
+ rc = validate_t2((struct smb_t2_rsp *)pSMBr);
+ if (rc == 0) {
++ unsigned int lnoff;
++
+ if (pSMBr->hdr.Flags2 & SMBFLG2_UNICODE)
+ psrch_inf->unicode = true;
+ else
+@@ -3636,8 +3638,17 @@ findFirstRetry:
+ le16_to_cpu(parms->SearchCount);
+ psrch_inf->index_of_last_entry = 2 /* skip . and .. */ +
+ psrch_inf->entries_in_buffer;
++ lnoff = le16_to_cpu(parms->LastNameOffset);
++ if (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE <
++ lnoff) {
++ cERROR(1, ("ignoring corrupt resume name"));
++ psrch_inf->last_entry = NULL;
++ return rc;
++ }
++
+ psrch_inf->last_entry = psrch_inf->srch_entries_start +
+- le16_to_cpu(parms->LastNameOffset);
++ lnoff;
++
+ *pnetfid = parms->SearchHandle;
+ } else {
+ cifs_buf_release(pSMB);
+@@ -3727,6 +3738,8 @@ int CIFSFindNext(const int xid, struct cifsTconInfo *tcon,
+ rc = validate_t2((struct smb_t2_rsp *)pSMBr);
+
+ if (rc == 0) {
++ unsigned int lnoff;
++
+ /* BB fixme add lock for file (srch_info) struct here */
+ if (pSMBr->hdr.Flags2 & SMBFLG2_UNICODE)
+ psrch_inf->unicode = true;
+@@ -3753,8 +3766,16 @@ int CIFSFindNext(const int xid, struct cifsTconInfo *tcon,
+ le16_to_cpu(parms->SearchCount);
+ psrch_inf->index_of_last_entry +=
+ psrch_inf->entries_in_buffer;
+- psrch_inf->last_entry = psrch_inf->srch_entries_start +
+- le16_to_cpu(parms->LastNameOffset);
++ lnoff = le16_to_cpu(parms->LastNameOffset);
++ if (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE <
++ lnoff) {
++ cERROR(1, ("ignoring corrupt resume name"));
++ psrch_inf->last_entry = NULL;
++ return rc;
++ } else
++ psrch_inf->last_entry =
++ psrch_inf->srch_entries_start + lnoff;
++
+ /* cFYI(1,("fnxt2 entries in buf %d index_of_last %d",
+ psrch_inf->entries_in_buffer, psrch_inf->index_of_last_entry)); */
+
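Review bot: The new bound on `lnoff` compares it with `tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE`, a negotiated maximum, rather than with the number of bytes the server actually returned after `psrch_inf->srch_entries_start`. As far as these hunks show, an offset that fits the maximum but exceeds a shorter response would still leave `last_entry` pointing past the received data. The same check appears in both the findFirstRetry and CIFSFindNext hunks, and a tighter test would bound `srch_entries_start + lnoff` by the end of the received response. Separately, in the find-first path the early `return rc;` runs with rc == 0 before `*pnetfid = parms->SearchHandle;`, so the caller appears to get success with the search handle unset; moving that assignment above the `lnoff` check would avoid this. Both functions begin and end outside the hunks shown.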
Added: dists/lenny/linux-2.6/debian/patches/bugfix/all/cifs-fix-saving-of-resume-key-before-CIFSFindNext.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny/linux-2.6/debian/patches/bugfix/all/cifs-fix-saving-of-resume-key-before-CIFSFindNext.patch Tue Aug 2 05:47:09 2011 (r17879)
@@ -0,0 +1,39 @@
+commit a364bc0b37f14ffd66c1f982af42990a9d77fa43
+Author: Jeff Layton <sfrench at us.ibm.com>
+Date: Tue Oct 21 14:42:13 2008 +0000
+
+ [CIFS] fix saving of resume key before CIFSFindNext
+
+ We recently fixed the cifs readdir code so that it saves the resume key
+ before calling CIFSFindNext. Unfortunately, this assumes that we have
+ just done a CIFSFindFirst (or FindNext) and have resume info to save.
+ This isn't necessarily the case. Fix the code to save resume info if we
+ had to reinitiate the search, and after a FindNext.
+
+ This fixes connectathon basic test6 against NetApp filers.
+
+ Signed-off-by: Jeff Layton <jlayton at redhat.com>
+ CC: Stable <stable at kernel.org>
+ Signed-off-by: Steve French <sfrench at us.ibm.com>
+
+diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
+index 765adf1..58d5729 100644
+--- a/fs/cifs/readdir.c
++++ b/fs/cifs/readdir.c
+@@ -762,14 +762,15 @@ static int find_cifs_entry(const int xid, struct cifsTconInfo *pTcon,
+ rc));
+ return rc;
+ }
++ cifs_save_resume_key(cifsFile->srch_inf.last_entry, cifsFile);
+ }
+
+ while ((index_to_find >= cifsFile->srch_inf.index_of_last_entry) &&
+ (rc == 0) && !cifsFile->srch_inf.endOfSearch) {
+ cFYI(1, ("calling findnext2"));
+- cifs_save_resume_key(cifsFile->srch_inf.last_entry, cifsFile);
+ rc = CIFSFindNext(xid, pTcon, cifsFile->netfid,
+ &cifsFile->srch_inf);
++ cifs_save_resume_key(cifsFile->srch_inf.last_entry, cifsFile);
+ if (rc)
+ return -ENOENT;
+ }
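Review bot: `cifs_save_resume_key(cifsFile->srch_inf.last_entry, cifsFile)` now runs immediately after `CIFSFindNext` and before `if (rc)`, so it also executes when the call failed. The companion patch in this revision sets `last_entry = NULL` while returning rc == 0 when the server's LastNameOffset is rejected. Whether `cifs_save_resume_key` tolerates a NULL or stale `last_entry` is not visible here; if it does not, a malformed server reply could lead to a NULL dereference in the client. Testing `rc` first and guarding the pointer, e.g. `if (rc) return -ENOENT;` followed by `if (cifsFile->srch_inf.last_entry) cifs_save_resume_key(cifsFile->srch_inf.last_entry, cifsFile);`, would make the contract explicit, and the same guard fits the call added after the reinitiated search. `find_cifs_entry` starts and ends outside the hunk.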
Modified: dists/lenny/linux-2.6/debian/patches/series/27
==============================================================================
--- dists/lenny/linux-2.6/debian/patches/series/27 Sun Jul 31 17:19:18 2011 (r17878)
+++ dists/lenny/linux-2.6/debian/patches/series/27 Tue Aug 2 05:47:09 2011 (r17879)
@@ -21,3 +21,5 @@
+ bugfix/x86/flush-tlb-if-pgd-entry-is-changed-in-pae-mode.patch
+ bugfix/all/ext3-skip-orphan-cleanup-on-rocompat-fs.patch
+ bugfix/all/cciss-fix-lost-command-issue.patch
++ bugfix/all/cifs-check-that-last-search-entry-resume-key-is-valid.patch
++ bugfix/all/cifs-fix-saving-of-resume-key-before-CIFSFindNext.patch