Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-17 13:58:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-next/fs/ksmbd
History
David Disseldorp e7067a4462 ksmbd: avoid out of bounds access in decode_preauth_ctxt() 
Confirm that the accessed pneg_ctxt->HashAlgorithms address sits within
the SMB request boundary; deassemble_neg_contexts() only checks that the
eight byte smb2_neg_context header + (client controlled) DataLength are
within the packet boundary, which is insufficient.

Checking for sizeof(struct smb2_preauth_neg_context) is overkill given
that the type currently assumes SMB311_SALT_SIZE bytes of trailing Salt.

Signed-off-by: David Disseldorp <ddiss@suse.de>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
2023-04-13 14:17:32 -05:00
..
mgmt
ksmbd: Implements sess->rpc_handle_list as xarray
2023-01-29 18:10:42 -06:00
asn1.c
ksmbd: Remove duplicated codes
2023-01-30 20:49:30 -06:00
asn1.h
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
auth.c
ksmbd: fix wrong signingkey creation when encryption is AES256
2023-03-22 16:32:50 -05:00
auth.h
ksmbd: fix encryption failure issue for session logoff response
2022-10-05 01:15:44 -05:00
connection.c
ksmbd: delete asynchronous work from list
2023-04-02 23:08:52 -05:00
connection.h
ksmbd: don't terminate inactive sessions after a few seconds
2023-03-22 16:38:33 -05:00
crypto_ctx.c
ksmbd: remove NTLMv1 authentication
2021-09-29 16:17:34 -05:00
crypto_ctx.h
ksmbd: remove NTLMv1 authentication
2021-09-29 16:17:34 -05:00
glob.h
ksmbd: fix version mismatch with out of tree
2021-10-07 10:18:34 -05:00
Kconfig
ksmbd: update Kconfig to note Kerberos support and fix indentation
2023-01-30 20:49:30 -06:00
ksmbd_netlink.h
ksmbd: add max connections parameter
2023-01-20 15:27:48 -06:00
ksmbd_spnego_negtokeninit.asn1
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
ksmbd_spnego_negtokentarg.asn1
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
ksmbd_work.c
ksmbd: Remove redundant 'flush_workqueue()' calls
2021-11-06 23:52:06 -05:00
ksmbd_work.h
ksmbd: delete asynchronous work from list
2023-04-02 23:08:52 -05:00
Makefile
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
misc.c
ksmbd: validate share name from share config response
2022-10-05 01:15:44 -05:00
misc.h
ksmbd: validate share name from share config response
2022-10-05 01:15:44 -05:00
ndr.c
fs.idmapped.v6.3
2023-02-20 11:53:11 -08:00
ndr.h
fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap
2023-01-19 09:24:29 +01:00
nterr.h
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
ntlmssp.h
treewide: Replace zero-length arrays with flexible-array members
2022-02-17 07:00:39 -06:00
oplock.c
fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap
2023-01-19 09:24:29 +01:00
oplock.h
ksmbd: remove filename in ksmbd_file
2022-04-14 20:56:13 -05:00
server.c
ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
2023-04-02 23:08:56 -05:00
server.h
ksmbd: add max connections parameter
2023-01-20 15:27:48 -06:00
smb2misc.c
ksmbd: do not allow the actual frame length to be smaller than the rfc1002 length
2023-02-15 00:04:38 -06:00
smb2ops.c
smb3: Replace smb2pdu 1-element arrays with flex-arrays
2023-02-20 17:25:43 -06:00
smb2pdu.c
ksmbd: avoid out of bounds access in decode_preauth_ctxt()
2023-04-13 14:17:32 -05:00
smb2pdu.h
ksmbd: delete asynchronous work from list
2023-04-02 23:08:52 -05:00
smb_common.c
ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
2023-04-02 23:08:56 -05:00
smb_common.h
ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
2023-04-02 23:08:56 -05:00
smbacl.c
fs: port vfs{g,u}id helpers to mnt_idmap
2023-01-19 09:24:30 +01:00
smbacl.h
fs: port vfs{g,u}id helpers to mnt_idmap
2023-01-19 09:24:30 +01:00
smbfsctl.h
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
smbstatus.h
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
transport_ipc.c
ksmbd: add max connections parameter
2023-01-20 15:27:48 -06:00
transport_ipc.h
ksmbd: throttle session setup failures to avoid dictionary attacks
2021-10-20 00:07:10 -05:00
transport_rdma.c
ksmbd: don't terminate inactive sessions after a few seconds
2023-03-22 16:38:33 -05:00
transport_rdma.h
ksmbd: fix wrong smbd max read/write size check
2022-05-21 15:01:43 -05:00
transport_tcp.c
ksmbd: don't terminate inactive sessions after a few seconds
2023-03-22 16:38:33 -05:00
transport_tcp.h
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
unicode.c
ksmbd: remove unused is_char_allowed function
2023-03-25 14:54:06 -05:00
unicode.h
ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
2022-10-05 01:15:37 -05:00
uniupr.h
ksmbd: move fs/cifsd to fs/ksmbd
2021-06-28 16:28:31 +09:00
vfs_cache.c
ten smb3 server fixes, including three for stable
2023-02-22 14:17:27 -08:00
vfs_cache.h
ksmbd: remove filename in ksmbd_file
2022-04-14 20:56:13 -05:00
vfs.c
ten smb3 server fixes, including three for stable
2023-02-22 14:17:27 -08:00
vfs.h
fs: port ->permission() to pass mnt_idmap
2023-01-19 09:24:28 +01:00
xattr.h
treewide: Replace zero-length arrays with flexible-array members
2022-02-17 07:00:39 -06:00