From patchwork Sat Nov 3 12:50:18 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 1692231
From: Jeff Layton To: linux-cifs@vger.kernel.org Cc: shirishpargaonkar@gmail.com Subject: [PATCH 01/17] setcifsacl: clean up sizing of cifs_sid Date: Sat, 3 Nov 2012 08:50:18 -0400 Message-Id: <1351947034-18876-2-git-send-email-jlayton@samba.org> X-Mailer: git-send-email 1.7.11.7 In-Reply-To: <1351947034-18876-1-git-send-email-jlayton@samba.org> References: <1351947034-18876-1-git-send-email-jlayton@samba.org> X-Gm-Message-State: ALoCoQkeTde5U5e8eIRufM4T4VcfejGuUahYsI+LXLeXW/cpzrbFZcpWf0N7KspozWGRel2KE1aP Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org The max number of subauthorities on windows and in winbind is generally 15, not 5. If winbind sends more than 5, then this code may end up overrunning the buffer. Also, define some preprocessor constants and use those instead of hardcoding '5' and '6' all over the place. Signed-off-by: Jeff Layton --- cifsacl.h | 7 +++++-- setcifsacl.c | 12 ++++++------ 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/cifsacl.h b/cifsacl.h index 101881b..f9fdc8f 100644 --- a/cifsacl.h +++ b/cifsacl.h @@ -96,6 +96,9 @@ #define COMPMASK 0x8 #define COMPALL 0xf /* COMPSID | COMPTYPE | COMPFLAG | COMPMASK */ +#define NUM_AUTHS (6) /* number of authority fields */ +#define SID_MAX_SUB_AUTHORITIES (15) /* max number of sub authority fields */ + enum ace_action { acedelete = 0, acemodify, @@ -115,8 +118,8 @@ struct cifs_ntsd { struct cifs_sid { uint8_t revision; /* revision level */ uint8_t num_subauth; - uint8_t authority[6]; - uint32_t sub_auth[5]; /* sub_auth[num_subauth] */ + uint8_t authority[NUM_AUTHS]; + uint32_t sub_auth[SID_MAX_SUB_AUTHORITIES]; } __attribute__((packed)); struct cifs_ctrl_acl { diff --git a/setcifsacl.c b/setcifsacl.c index 29b7b93..23ab5b1 100644 --- a/setcifsacl.c +++ b/setcifsacl.c 
@@ -76,9 +76,9 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd, nowner_sid_ptr->revision = owner_sid_ptr->revision; nowner_sid_ptr->num_subauth = owner_sid_ptr->num_subauth; - for (i = 0; i < 6; i++) + for (i = 0; i < NUM_AUTHS; i++) nowner_sid_ptr->authority[i] = owner_sid_ptr->authority[i]; - for (i = 0; i < 5; i++) + for (i = 0; i < SID_MAX_SUB_AUTHORITIES; i++) nowner_sid_ptr->sub_auth[i] = owner_sid_ptr->sub_auth[i]; /* copy group sid */ @@ -87,9 +87,9 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd, ngroup_sid_ptr->revision = group_sid_ptr->revision; ngroup_sid_ptr->num_subauth = group_sid_ptr->num_subauth; - for (i = 0; i < 6; i++) + for (i = 0; i < NUM_AUTHS; i++) ngroup_sid_ptr->authority[i] = group_sid_ptr->authority[i]; - for (i = 0; i < 5; i++) + for (i = 0; i < SID_MAX_SUB_AUTHORITIES; i++) ngroup_sid_ptr->sub_auth[i] = group_sid_ptr->sub_auth[i]; return; @@ -106,7 +106,7 @@ copy_ace(struct cifs_ace *dace, struct cifs_ace *sace) dace->sid.revision = sace->sid.revision; dace->sid.num_subauth = sace->sid.num_subauth; - for (i = 0; i < 6; i++) + for (i = 0; i < NUM_AUTHS; i++) dace->sid.authority[i] = sace->sid.authority[i]; for (i = 0; i < sace->sid.num_subauth; i++) dace->sid.sub_auth[i] = sace->sid.sub_auth[i]; @@ -126,7 +126,7 @@ compare_aces(struct cifs_ace *sace, struct cifs_ace *dace, int compflags) return 0; if (dace->sid.num_subauth != sace->sid.num_subauth) return 0; - for (i = 0; i < 6; i++) { + for (i = 0; i < NUM_AUTHS; i++) { if (dace->sid.authority[i] != sace->sid.authority[i]) return 0; }
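Review bot: In the struct cifs_sid hunk of cifsacl.h, the removed trailing comment `/* sub_auth[num_subauth] */` was the only statement that just the first num_subauth entries are meaningful; please keep it, or say so next to SID_MAX_SUB_AUTHORITIES. Because the struct is packed, its size grows from 28 to 68 bytes with this change, so any use of sizeof(struct cifs_sid) for on-the-wire lengths or offsets outside the lines shown here should be checked against the variable-length layout.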
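Review bot: In both copy_sec_desc() hunks of setcifsacl.c the sub_auth loop now always copies SID_MAX_SUB_AUTHORITIES entries, regardless of the num_subauth value assigned just before it. If the owner or group SID inside pntsd is stored with only num_subauth entries, this reads up to 15 words from a source that holds fewer, and the old bound of 5 had the same problem on a smaller scale. Suggest bounding these loops by num_subauth, after checking that it does not exceed SID_MAX_SUB_AUTHORITIES, the way copy_ace() already does with `for (i = 0; i < sace->sid.num_subauth; i++)`.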
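Review bot: In the copy_ace() hunk the context loop `for (i = 0; i < sace->sid.num_subauth; i++)` is bounded only by num_subauth, a uint8_t that is never compared with the array size. Raising the array to 15 entries moves the overrun threshold the commit message describes but does not remove it: a value above SID_MAX_SUB_AUTHORITIES still writes past dace->sid.sub_auth. Suggest rejecting or clamping num_subauth greater than SID_MAX_SUB_AUTHORITIES before the copy.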