diff options
| author | Jeff Layton <jlayton@redhat.com> | 2011-04-29 06:52:44 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2011-05-03 03:42:15 +0000 |
| commit | 16541ba11c4f04ffe94b073e301f00b749fb84a1 (patch) | |
| tree | 3ff03fa9202ba3bbe4aee3d036cddd6f0dbaceba | |
| parent | 146f9f65bd13f56665205aed7205d531c810cb35 (diff) | |
| download | kernel_samsung_espresso10-16541ba11c4f04ffe94b073e301f00b749fb84a1.zip kernel_samsung_espresso10-16541ba11c4f04ffe94b073e301f00b749fb84a1.tar.gz kernel_samsung_espresso10-16541ba11c4f04ffe94b073e301f00b749fb84a1.tar.bz2 | |
cifs: handle errors from coalesce_t2
cifs_demultiplex_thread calls coalesce_t2 to try and merge follow-on t2
responses into the original mid buffer. coalesce_t2 however can return
errors, but the caller doesn't handle that situation properly. Fix the
thread to treat such a case as it would a malformed packet. Mark the
mid as being malformed and issue the callback.
Cc: stable@kernel.org
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
| -rw-r--r-- | fs/cifs/connect.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index bfbf323..05f1dcf 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -630,12 +630,16 @@ incomplete_rcv: isMultiRsp = true; if (mid_entry->resp_buf) { /* merge response - fix up 1st*/ - if (coalesce_t2(smb_buffer, - mid_entry->resp_buf)) { + length = coalesce_t2(smb_buffer, + mid_entry->resp_buf); + if (length > 0) { + length = 0; mid_entry->multiRsp = true; break; } else { - /* all parts received */ + /* all parts received or + * packet is malformed + */ mid_entry->multiEnd = true; goto multi_t2_fnd; } |