summaryrefslogtreecommitdiffstats
path: root/fs/cifs/smb2pdu.h
diff options
context:
space:
mode:
authorSteve French <smfrench@gmail.com>2018-04-08 23:14:31 +0200
committerSteve French <smfrench@gmail.com>2018-04-12 23:52:38 +0200
commit136ff1b4b65edf09b6b7173ba94ad53347d3aa83 (patch)
treea3637b5dc7de1c91869b111f10eed9736f8a7d96 /fs/cifs/smb2pdu.h
parentCIFS: add ONCE flag for cifs_dbg type (diff)
downloadlinux-136ff1b4b65edf09b6b7173ba94ad53347d3aa83.tar.xz
linux-136ff1b4b65edf09b6b7173ba94ad53347d3aa83.zip
SMB3: Fix length checking of SMB3.11 negotiate request
The length checking for SMB3.11 negotiate request includes "negotiate contexts" which caused a buffer validation problem and a confusing warning message on SMB3.11 mount e.g.: SMB2 server sent bad RFC1001 len 236 not 170 Fix the length checking for SMB3.11 negotiate to account for the new negotiate context so that we don't log a warning on SMB3.11 mount by default but do log warnings if lengths returned by the server are incorrect. CC: Stable <stable@vger.kernel.org> Signed-off-by: Steve French <smfrench@gmail.com> Reviewed-by: Aurelien Aptel <aaptel@suse.com> Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Diffstat (limited to 'fs/cifs/smb2pdu.h')
-rw-r--r--fs/cifs/smb2pdu.h7
1 files changed, 7 insertions, 0 deletions
diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h
index 253e2c7c952f..0e0a0af89e4d 100644
--- a/fs/cifs/smb2pdu.h
+++ b/fs/cifs/smb2pdu.h
@@ -263,6 +263,13 @@ struct smb2_negotiate_req {
#define SMB2_NT_FIND 0x00100000
#define SMB2_LARGE_FILES 0x00200000
+struct smb2_neg_context {
+ __le16 ContextType;
+ __le16 DataLength;
+ __le32 Reserved;
+ /* Followed by array of data */
+} __packed;
+
#define SMB311_SALT_SIZE 32
/* Hash Algorithm Types */
#define SMB2_PREAUTH_INTEGRITY_SHA512 cpu_to_le16(0x0001)