Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8e6f195a authored by Steve French's avatar Steve French
Browse files

[CIFS] Fix oops when Windows server sent bad domain name null terminator 



Fixes RedHat bug 211672

Windows sends one byte (instead of two) of null to terminate final Unicode
string (domain name) in session setup response in some cases - this caused
cifs to misalign some informational strings (making it hard to convert
from UCS16 to UTF8).

Thanks to Shaggy for his help and Akemi Yagi for debugging/testing

Signed-off-by: default avatarShirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent bd2abf17

fs/cifs/sess.c

+8 −5
Original line number Diff line number Diff line
@@ -182,11 +182,14 @@ static int decode_unicode_ssetup(char ** pbcc_area, int bleft, struct cifsSesInf 
	cFYI(1,("bleft %d",bleft));





	/* word align, if bytes remaining is not even */

	if(bleft % 2) {

		bleft--;

	/* SMB header is unaligned, so cifs servers word align start of

	   Unicode strings */

	data++;

	}

	bleft--; /* Windows servers do not always double null terminate

		    their final Unicode string - in which case we

		    now will not attempt to decode the byte of junk

		    which follows it */

		    

	words_left = bleft / 2;



	/* save off server operating system */