Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6cec2aed authored by Steve French's avatar Steve French Committed by Linus Torvalds
Browse files

[PATCH] CIFS: CIFSSMBRead was returning an invalid pointer in buf on socket error 



Thanks to Adrian Bunk for debugging the problem and to Shaggy for
helping find the solution.

Also added a fix for 64K pages we found in loosely-related testing

Signed-off-by: default avatarDave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent c45ec656

fs/cifs/cifssmb.c

+4 −3
Original line number Diff line number Diff line
@@ -1048,13 +1048,14 @@ CIFSSMBRead(const int xid, struct cifsTconInfo *tcon, 
			cifs_small_buf_release(iov[0].iov_base);

		else if(resp_buf_type == CIFS_LARGE_BUFFER)

			cifs_buf_release(iov[0].iov_base);

	} else /* return buffer to caller to free */ /* BB FIXME how do we tell caller if it is not a large buffer */ {

	} else if(resp_buf_type != CIFS_NO_BUFFER) {

		/* return buffer to caller to free */ 

		*buf = iov[0].iov_base;		

		if(resp_buf_type == CIFS_SMALL_BUFFER)

			*pbuf_type = CIFS_SMALL_BUFFER;

		else if(resp_buf_type == CIFS_LARGE_BUFFER)

			*pbuf_type = CIFS_LARGE_BUFFER;

	}

	} /* else no valid buffer on return - leave as null */



	/* Note: On -EAGAIN error only caller can retry on handle based calls

		since file handle passed in no longer valid */

fs/cifs/connect.c

+4 −4
Original line number Diff line number Diff line
@@ -1795,10 +1795,10 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, 
			   conjunction with 52K kvec constraint on arch with 4K

			   page size  */



		if(cifs_sb->rsize < PAGE_CACHE_SIZE) {

			cifs_sb->rsize = PAGE_CACHE_SIZE; 

			/* Windows ME does this */

			cFYI(1,("Attempt to set readsize for mount to less than one page (4096)"));

		if(cifs_sb->rsize < 2048) {

			cifs_sb->rsize = 2048; 

			/* Windows ME may prefer this */

			cFYI(1,("readsize set to minimum 2048"));

		}

		cifs_sb->mnt_uid = volume_info.linux_uid;

		cifs_sb->mnt_gid = volume_info.linux_gid;