!1480 ksmbd: fix wrong UserName check in session_user

Merge Pull Request from: @ci-robot PR sync from: Li Lingfeng <lilingfeng3@huawei.com> https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/Y2W37QUMGCXHZUAFBDA3UDH5CQW3KN2Z/ https://gitee.com/src-openeuler/kernel/issues/I7LU3D Link:https://gitee.com/openeuler/kernel/pulls/1480 Reviewed-by: Jialin Zhang <zhangjialin11@huawei.com> Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>

!1480 ksmbd: fix wrong UserName check in session_user
Merge Pull Request from: @ci-robot PR sync from: Li Lingfeng <lilingfeng3@huawei.com> https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/Y2W37QUMGCXHZUAFBDA3UDH5CQW3KN2Z/ https://gitee.com/src-openeuler/kernel/issues/I7LU3D Link:https://gitee.com/openeuler/kernel/pulls/1480 Reviewed-by: Jialin Zhang <zhangjialin11@huawei.com> Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>
f2b120f2 · openeuler-ci-bot · Gitee · 2844cc2e · 2a2a280a · f2b120f2
隐藏空白更改
内联并排

Showing with 2 addition and 3 deletion

fs/ksmbd/smb2pdu.c fs/ksmbd/smb2pdu.c +2 -3

未找到文件。
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -1383,7 +1383,7 @@ static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
 	struct authenticate_message *authblob;
 	struct ksmbd_user *user;
 	char *name;
-	unsigned int auth_msg_len, name_off, name_len, secbuf_len;
+	unsigned int name_off, name_len, secbuf_len;

 	secbuf_len = le16_to_cpu(req->SecurityBufferLength);
 	if (secbuf_len < sizeof(struct authenticate_message)) {
@@ -1393,9 +1393,8 @@ static struct ksmbd_user *session_user(struct ksmbd_conn *conn,
 	authblob = user_authblob(conn, req);
 	name_off = le32_to_cpu(authblob->UserName.BufferOffset);
 	name_len = le16_to_cpu(authblob->UserName.Length);
-	auth_msg_len = le16_to_cpu(req->SecurityBufferOffset) + secbuf_len;

-	if (auth_msg_len < (u64)name_off + name_len)
+	if (secbuf_len < (u64)name_off + name_len)
 		return NULL;

 	name = smb_strndup_from_utf16((const char *)authblob + name_off,