cifs: extra sanity checking for cifs.idmap keys
authorJeff Layton <jlayton@redhat.com>
Mon, 3 Dec 2012 11:05:30 +0000 (06:05 -0500)
committerSteve French <smfrench@gmail.com>
Sun, 9 Dec 2012 04:04:32 +0000 (22:04 -0600)
commit2ae03025d520de581fd1c58e98bbf3045c0f4695
tree4795149c42b5ecdddd4540dd97c0972522183ea5
parent41a9f1f6b38664fc08431674d87871a57d763be1
cifs: extra sanity checking for cifs.idmap keys

Now that we aren't so rigid about the length of the key being passed
in, we need to be a bit more rigorous about checking the length of
the actual data against the claimed length (a'la num_subauths field).

Check for the case where userspace sends us a seemingly valid key
with a num_subauths field that goes beyond the end of the array. If
that happens, return -EIO and invalidate the key.

Also change the other places where we check for malformed keys in this
code to invalidate the key as well.

Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
fs/cifs/cifsacl.c