diff options
author | Ingo Molnar <mingo@elte.hu> | 2009-04-20 18:08:07 +0200 |
---|---|---|
committer | Ingo Molnar <mingo@elte.hu> | 2009-04-20 18:08:12 +0200 |
commit | 62d170290979e0bb805d969cca4ea852bdd45260 (patch) | |
tree | 837372297501a2d144358b44e7db3f88c5612aa2 /fs/cifs/sess.c | |
parent | 8b5b94e4e9813cdd77103827f48d58c806ab45c6 (diff) | |
parent | d91dfbb41bb2e9bdbfbd2cc7078ed7436eab027a (diff) |
Merge branch 'linus' into x86/urgent
Merge reason: We need the x86/uv updates from upstream, to queue up
dependent fix.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Diffstat (limited to 'fs/cifs/sess.c')
-rw-r--r-- | fs/cifs/sess.c | 47 |
1 files changed, 27 insertions, 20 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 5c68b4282be..c652c73760d 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -285,35 +285,36 @@ static int decode_unicode_ssetup(char **pbcc_area, int bleft, int words_left, len; char *data = *pbcc_area; - - cFYI(1, ("bleft %d", bleft)); - - /* SMB header is unaligned, so cifs servers word align start of - Unicode strings */ - data++; - bleft--; /* Windows servers do not always double null terminate - their final Unicode string - in which case we - now will not attempt to decode the byte of junk - which follows it */ + /* + * Windows servers do not always double null terminate their final + * Unicode string. Check to see if there are an uneven number of bytes + * left. If so, then add an extra NULL pad byte to the end of the + * response. + * + * See section 2.7.2 in "Implementing CIFS" for details + */ + if (bleft % 2) { + data[bleft] = 0; + ++bleft; + } words_left = bleft / 2; /* save off server operating system */ len = UniStrnlen((wchar_t *) data, words_left); -/* We look for obvious messed up bcc or strings in response so we do not go off - the end since (at least) WIN2K and Windows XP have a major bug in not null - terminating last Unicode string in response */ if (len >= words_left) return rc; kfree(ses->serverOS); /* UTF-8 string will not grow more than four times as big as UCS-16 */ ses->serverOS = kzalloc((4 * len) + 2 /* trailing null */, GFP_KERNEL); - if (ses->serverOS != NULL) + if (ses->serverOS != NULL) { cifs_strfromUCS_le(ses->serverOS, (__le16 *)data, len, nls_cp); + cFYI(1, ("serverOS=%s", ses->serverOS)); + } data += 2 * (len + 1); words_left -= len + 1; @@ -328,6 +329,7 @@ static int decode_unicode_ssetup(char **pbcc_area, int bleft, if (ses->serverNOS != NULL) { cifs_strfromUCS_le(ses->serverNOS, (__le16 *)data, len, nls_cp); + cFYI(1, ("serverNOS=%s", ses->serverNOS)); if (strncmp(ses->serverNOS, "NT LAN Manager 4", 16) == 0) { cFYI(1, ("NT4 server")); ses->flags |= CIFS_SES_NT4; @@ -343,12 +345,11 @@ static int decode_unicode_ssetup(char **pbcc_area, int bleft, return rc; kfree(ses->serverDomain); - ses->serverDomain = kzalloc(2 * (len + 1), GFP_KERNEL); /* BB FIXME wrong length */ + ses->serverDomain = kzalloc((4 * len) + 2, GFP_KERNEL); if (ses->serverDomain != NULL) { cifs_strfromUCS_le(ses->serverDomain, (__le16 *)data, len, nls_cp); - ses->serverDomain[2*len] = 0; - ses->serverDomain[(2*len) + 1] = 0; + cFYI(1, ("serverDomain=%s", ses->serverDomain)); } data += 2 * (len + 1); words_left -= len + 1; @@ -702,12 +703,18 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time, } /* BB check if Unicode and decode strings */ - if (smb_buf->Flags2 & SMBFLG2_UNICODE) + if (smb_buf->Flags2 & SMBFLG2_UNICODE) { + /* unicode string area must be word-aligned */ + if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) { + ++bcc_ptr; + --bytes_remaining; + } rc = decode_unicode_ssetup(&bcc_ptr, bytes_remaining, - ses, nls_cp); - else + ses, nls_cp); + } else { rc = decode_ascii_ssetup(&bcc_ptr, bytes_remaining, ses, nls_cp); + } ssetup_exit: if (spnego_key) { |