提交 7715dad8 编写于 作者: J Jeff Layton 提交者: Steve French

cifs: clean up the SecurityFlags write handler

The SecurityFlags handler uses an obsolete simple_strtoul() call, and
doesn't really handle the bounds checking well. Fix it to use
kstrtouint() instead. Clean up the error messages as well and fix a
bogus check for an unsigned int to be less than 0.
Signed-off-by: NJeff Layton <jlayton@redhat.com>
Reviewed-by: NPavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: NSteve French <smfrench@gmail.com>
上级 896a8fc2
...@@ -598,6 +598,7 @@ static int cifs_security_flags_proc_open(struct inode *inode, struct file *file) ...@@ -598,6 +598,7 @@ static int cifs_security_flags_proc_open(struct inode *inode, struct file *file)
static ssize_t cifs_security_flags_proc_write(struct file *file, static ssize_t cifs_security_flags_proc_write(struct file *file,
const char __user *buffer, size_t count, loff_t *ppos) const char __user *buffer, size_t count, loff_t *ppos)
{ {
int rc;
unsigned int flags; unsigned int flags;
char flags_string[12]; char flags_string[12];
char c; char c;
...@@ -620,26 +621,33 @@ static ssize_t cifs_security_flags_proc_write(struct file *file, ...@@ -620,26 +621,33 @@ static ssize_t cifs_security_flags_proc_write(struct file *file,
global_secflags = CIFSSEC_MAX; global_secflags = CIFSSEC_MAX;
return count; return count;
} else if (!isdigit(c)) { } else if (!isdigit(c)) {
cifs_dbg(VFS, "invalid flag %c\n", c); cifs_dbg(VFS, "Invalid SecurityFlags: %s\n",
flags_string);
return -EINVAL; return -EINVAL;
} }
} }
/* else we have a number */
flags = simple_strtoul(flags_string, NULL, 0); /* else we have a number */
rc = kstrtouint(flags_string, 0, &flags);
if (rc) {
cifs_dbg(VFS, "Invalid SecurityFlags: %s\n",
flags_string);
return rc;
}
cifs_dbg(FYI, "sec flags 0x%x\n", flags); cifs_dbg(FYI, "sec flags 0x%x\n", flags);
if (flags <= 0) { if (flags == 0) {
cifs_dbg(VFS, "invalid security flags %s\n", flags_string); cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", flags_string);
return -EINVAL; return -EINVAL;
} }
if (flags & ~CIFSSEC_MASK) { if (flags & ~CIFSSEC_MASK) {
cifs_dbg(VFS, "attempt to set unsupported security flags 0x%x\n", cifs_dbg(VFS, "Unsupported security flags: 0x%x\n",
flags & ~CIFSSEC_MASK); flags & ~CIFSSEC_MASK);
return -EINVAL; return -EINVAL;
} }
/* flags look ok - update the global security flags for cifs module */ /* flags look ok - update the global security flags for cifs module */
global_secflags = flags; global_secflags = flags;
if (global_secflags & CIFSSEC_MUST_SIGN) { if (global_secflags & CIFSSEC_MUST_SIGN) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册