cifs: change bleft in decode_unicode_ssetup back to signed type
The buffer length checks in this function depend on this value being a signed data type, but 690c522f converted it to an unsigned type. Also, eliminate a problem with the null termination check in the same function. cifs_strndup_from_ucs handles that situation correctly already, and the existing check could potentially lead to a buffer overrun since it increments bleft without checking to see whether it falls off the end of the buffer. Cc: stable@kernel.org Reported-and-Acked-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <sfrench@us.ibm.com>
Showing
想要评论请 注册 或 登录