8ad8aa353524d89fa2e09522f3078166ff78ec42 - SHIFTPHONES/kernel/common

commit	8ad8aa353524d89fa2e09522f3078166ff78ec42	[log] [tgz]
author	Dan Carpenter <dan.carpenter@oracle.com>	Thu Sep 06 12:47:51 2018 +0300
committer	Steve French <stfrench@microsoft.com>	Wed Sep 12 09:27:57 2018 -0500
tree	c95029b8a3efc9cdfbb70b9d666812c44ff18b17
parent	5890184d2b506f88886b7322d7d44464453bd3a6 [diff]

cifs: prevent integer overflow in nxt_dir_entry()

The "old_entry + le32_to_cpu(pDirInfo->NextEntryOffset)" can wrap
around so I have added a check for integer overflow.

Reported-by: Dr Silvio Cesare of InfoSect <silvio.cesare@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>

fs/cifs/readdir.c[diff]

1 file changed

tree: c95029b8a3efc9cdfbb70b9d666812c44ff18b17