linux/fs/cifs at linux-5.4.y - linux - Gitea: Git with a cup of tea

michael/linux

Files

History

Roman Smirnov 1be4500cfa cifs: fix integer overflow in match_server()

[ Upstream commit 2510859475 ]

The echo_interval is not limited in any way during mounting,
which makes it possible to write a large number to it. This can
cause an overflow when multiplying ctx->echo_interval by HZ in
match_server().

Add constraints for echo_interval to smb3_fs_context_parse_param().

Found by Linux Verification Center (linuxtesting.org) with Svace.

Fixes: adfeb3e00e ("cifs: Make echo interval tunable")
Cc: stable@vger.kernel.org
Signed-off-by: Roman Smirnov <r.smirnov@omp.ru>
Signed-off-by: Steve French <stfrench@microsoft.com>
[ Adapted to older CIFS filesystem structure and mount option parsing ]
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2025-09-09 18:44:02 +02:00

..

asn1.c

cifs: remove bogus debug code

2020-10-29 09:57:28 +01:00

cache.c

…

cifs_debug.c

cifs: Don't display RDMA transport on reconnect

2019-12-21 11:04:43 +01:00

cifs_debug.h

cifs: add a debug macro that prints \\server\share for errors

2019-09-16 11:43:38 -05:00

cifs_dfs_ref.c

cifs: prevent NULL deref in cifs_compose_mount_options()

2021-07-25 14:35:13 +02:00

cifs_fs_sb.h

smb3: add mount option to allow RW caching of share accessed by only 1 client

2019-09-16 11:43:38 -05:00

cifs_ioctl.h

smb3: allow decryption keys to be dumped by admin for debugging

2019-09-21 06:02:26 -05:00

cifs_spnego.c

cifs: spnego: add ';' in HOST_KEY_LEN

2023-11-28 16:50:17 +00:00

cifs_spnego.h

…

cifs_unicode.c

CIFS: Fix a potencially linear read overflow

2021-09-15 09:47:36 +02:00

cifs_unicode.h

…

cifs_uniupr.h

…

cifsacl.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

cifsacl.h

smb3: missing ACL related flags

2019-09-26 16:37:43 -05:00

cifsencrypt.c

…

cifsfs.c

cifs: Fix non-availability of dedup breaking generic/304

2023-12-13 18:18:17 +01:00

cifsfs.h

cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL

2023-04-05 11:16:45 +02:00

cifsglob.h

cifs: Fix UAF in cifs_demultiplex_thread()

2025-08-28 16:21:36 +02:00

cifspdu.h

…

cifsproto.h

smb3: fix problem with null cifs super block with previous patch

2023-04-20 12:07:32 +02:00

cifsroot.c

cifs: cifsroot: add more err checking

2019-09-16 11:43:39 -05:00

cifssmb.c

cifs: Fix calling CIFSFindFirst() for root path without msearch

2025-08-28 16:21:27 +02:00

connect.c

cifs: fix integer overflow in match_server()

2025-09-09 18:44:02 +02:00

dfs_cache.c

cifs: Fix potential deadlock when updating vol in cifs_reconnect()

2023-06-28 10:18:37 +02:00

dfs_cache.h

…

dir.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

dns_resolve.c

…

dns_resolve.h

…

export.c

…

file.c

cifs: Release folio lock on fscache read hit.

2023-08-30 16:27:19 +02:00

fscache.c

…

fscache.h

…

inode.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

ioctl.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

Kconfig

Merge tag '5.4-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6

2019-09-19 10:32:16 -07:00

link.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

Makefile

cifs: Add support for root file systems

2019-09-16 11:43:38 -05:00

misc.c

cifs: Fix cifs_query_path_info() for Windows NT servers

2025-07-17 18:24:49 +02:00

netmisc.c

fs: cifs: mute -Wunused-const-variable message

2019-10-06 22:04:35 -05:00

nterr.c

…

nterr.h

…

ntlmssp.h

…

readdir.c

smb: client: Reset all search buffer pointers when releasing buffer

2025-06-04 14:32:36 +02:00

rfc1002pdu.h

…

sess.c

cifs: fix wrong release in sess_alloc_buffer() failed path

2021-09-22 12:26:35 +02:00

smb1ops.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

smb2file.c

cifs: Adjust indentation in smb2_open_file

2020-01-17 19:48:27 +01:00

smb2glob.h

…

smb2inode.c

SMB3: Backup intent flag missing from some more ops

2023-03-17 08:32:50 +01:00

smb2maperror.c

smb3: improve handling of share deleted (and share recreated)

2019-09-16 11:43:38 -05:00

smb2misc.c

smb: client: fix NULL deref in asn1_ber_decoder()

2024-01-08 11:29:45 +01:00

smb2ops.c

cifs: Fix buffer overflow when parsing NFS reparse points

2024-12-14 19:44:21 +01:00

smb2pdu.c

smb: client: fix OOBs when building SMB2_IOCTL request

2024-11-08 16:20:50 +01:00

smb2pdu.h

ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE

2024-01-08 11:29:42 +01:00

smb2proto.h

smb: client: fix potential OOBs in smb2_parse_contexts()

2024-05-25 16:17:17 +02:00

smb2status.h

…

smb2transport.c

CIFS: Fix task struct use-after-free on reconnect

2020-02-01 09:34:37 +00:00

smbdirect.c

smb: client: let recv_done() cleanup before notifying the callers.

2025-08-28 16:21:22 +02:00

smbdirect.h

…

smbencrypt.c

fs: cifs: move from the crypto cipher API to the new DES library interface

2019-08-22 14:57:34 +10:00

smberr.h

…

smbfsctl.h

smb3: Add missing reparse tags

2019-09-24 23:31:32 -05:00

trace.c

…

trace.h

smb3: add missing worker function for SMB3 change notify

2019-09-16 11:43:39 -05:00

transport.c

cifs: Fix UAF in cifs_demultiplex_thread()

2025-08-28 16:21:36 +02:00

winucase.c

…

xattr.c

CIFS: fix max ea value size

2019-09-23 23:28:59 -05:00