| Message ID | 20210621214446.1406159-1-keescook@chromium.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | cifs: Avoid field over-reading memcpy() | expand |
merged into cifs-2.6.git for-next On Mon, Jun 21, 2021 at 4:45 PM Kees Cook <keescook@chromium.org> wrote: > > In preparation for FORTIFY_SOURCE performing compile-time and run-time > field bounds checking for memcpy(), memmove(), and memset(), avoid > intentionally reading across neighboring fields. > > Instead of using memcpy to read across multiple struct members, just > perform per-member assignments as already done for other members. > > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > fs/cifs/smb2pdu.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index 31784e3fa96f..962826dc3316 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -2892,7 +2892,10 @@ SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path, > #endif /* CIFS_DEBUG2 */ > > if (buf) { > - memcpy(buf, &rsp->CreationTime, 32); > + buf->CreationTime = rsp->CreationTime; > + buf->LastAccessTime = rsp->LastAccessTime; > + buf->LastWriteTime = rsp->LastWriteTime; > + buf->ChangeTime = rsp->ChangeTime; > buf->AllocationSize = rsp->AllocationSize; > buf->EndOfFile = rsp->EndofFile; > buf->Attributes = rsp->FileAttributes; > -- > 2.30.2 >
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 31784e3fa96f..962826dc3316 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -2892,7 +2892,10 @@ SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path, #endif /* CIFS_DEBUG2 */ if (buf) { - memcpy(buf, &rsp->CreationTime, 32); + buf->CreationTime = rsp->CreationTime; + buf->LastAccessTime = rsp->LastAccessTime; + buf->LastWriteTime = rsp->LastWriteTime; + buf->ChangeTime = rsp->ChangeTime; buf->AllocationSize = rsp->AllocationSize; buf->EndOfFile = rsp->EndofFile; buf->Attributes = rsp->FileAttributes;
In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memcpy(), memmove(), and memset(), avoid intentionally reading across neighboring fields. Instead of using memcpy to read across multiple struct members, just perform per-member assignments as already done for other members. Signed-off-by: Kees Cook <keescook@chromium.org> --- fs/cifs/smb2pdu.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)