From patchwork Tue May 28 12:11:59 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 2624401 Return-Path: X-Original-To: patchwork-cifs-client@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork1.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork1.kernel.org (Postfix) with ESMTP id 6F58740077 for ; Tue, 28 May 2013 12:12:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933723Ab3E1MM1 (ORCPT ); Tue, 28 May 2013 08:12:27 -0400 Received: from mail-ye0-f177.google.com ([209.85.213.177]:33280 "EHLO mail-ye0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933681Ab3E1MM0 (ORCPT ); Tue, 28 May 2013 08:12:26 -0400 Received: by mail-ye0-f177.google.com with SMTP id l8so852750yen.8 for ; Tue, 28 May 2013 05:12:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references:x-gm-message-state; bh=ckhkCr5pC0JsbTYMnfZyBWYpGvwUVAx2oxv92d1/IcQ=; b=h8xU9UpJzu8qDPbuKIIC5LnqwhDVnOZghSm/o3uTSvCOQWiOcnqhttIRuGYz7x1YHq xy3VzxB4nrGHHTHcek/6ibQF605NltngNfs+aOYHxJn491EGEXwI8As7a9eOzZ+8B7wA VkeclW5T4+YfKu7yVBqe3aigbikis9A1dCU1HXYtGhrHtFLAhyPbFBAcRk09jJdNo4lo hWAgZ0u5plxL1qQlkFE6+G3diikd8shKwAF4uCRB/DhGzvcMQW+yoZM4JziwNG7Ab32A Ze/M06anbFdRuN9mvx8GU7pmSPblhTw2jn42a+K2wLeTvWx9/KPYW/fMcC+GTvyjpRrJ QVgA== X-Received: by 10.236.138.75 with SMTP id z51mr4624976yhi.13.1369743145984; Tue, 28 May 2013 05:12:25 -0700 (PDT) Received: from salusa.poochiereds.net (cpe-107-015-124-230.nc.res.rr.com. [107.15.124.230]) by mx.google.com with ESMTPSA id d24sm14409623yhi.17.2013.05.28.05.12.24 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Tue, 28 May 2013 05:12:25 -0700 (PDT) From: Jeff Layton To: smfrench@gmail.com Cc: linux-cifs@vger.kernel.org, idra@samba.org, piastryyy@gmail.com Subject: [PATCH v2 18/19] cifs: clean up the SecurityFlags write handler Date: Tue, 28 May 2013 08:11:59 -0400 Message-Id: <1369743120-18941-19-git-send-email-jlayton@redhat.com> X-Mailer: git-send-email 1.8.1.4 In-Reply-To: <1369743120-18941-1-git-send-email-jlayton@redhat.com> References: <1369743120-18941-1-git-send-email-jlayton@redhat.com> X-Gm-Message-State: ALoCoQmbpZTaV9Btr05XPfvvGKGp4rc6AHokYdAHPYTraOltDb7WUy3MzbVGW2p/JZcfFhEgpyZb Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org The SecurityFlags handler uses an obsolete simple_strtoul() call, and doesn't really handle the bounds checking well. Fix it to use kstrtouint() instead. Clean up the error messages as well and fix a bogus check for an unsigned int to be less than 0. Signed-off-by: Jeff Layton Reviewed-by: Pavel Shilovsky --- fs/cifs/cifs_debug.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index d597483..856f8f5 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -598,6 +598,7 @@ static int cifs_security_flags_proc_open(struct inode *inode, struct file *file) static ssize_t cifs_security_flags_proc_write(struct file *file, const char __user *buffer, size_t count, loff_t *ppos) { + int rc; unsigned int flags; char flags_string[12]; char c; @@ -620,26 +621,33 @@ static ssize_t cifs_security_flags_proc_write(struct file *file, global_secflags = CIFSSEC_MAX; return count; } else if (!isdigit(c)) { - cifs_dbg(VFS, "invalid flag %c\n", c); + cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", + flags_string); return -EINVAL; } } - /* else we have a number */ - flags = simple_strtoul(flags_string, NULL, 0); + /* else we have a number */ + rc = kstrtouint(flags_string, 0, &flags); + if (rc) { + cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", + flags_string); + return rc; + } cifs_dbg(FYI, "sec flags 0x%x\n", flags); - if (flags <= 0) { - cifs_dbg(VFS, "invalid security flags %s\n", flags_string); + if (flags == 0) { + cifs_dbg(VFS, "Invalid SecurityFlags: %s\n", flags_string); return -EINVAL; } if (flags & ~CIFSSEC_MASK) { - cifs_dbg(VFS, "attempt to set unsupported security flags 0x%x\n", + cifs_dbg(VFS, "Unsupported security flags: 0x%x\n", flags & ~CIFSSEC_MASK); return -EINVAL; } + /* flags look ok - update the global security flags for cifs module */ global_secflags = flags; if (global_secflags & CIFSSEC_MUST_SIGN) {