From patchwork Wed Jul 7 18:40:08 2021
X-Patchwork-Submitter: Steve French
X-Patchwork-Id: 12363753
From: Steve French
Date: Wed, 7 Jul 2021 13:40:08 -0500
Subject: [PATCH][CIFS] Clarify SMB1 code for rename open file
To: CIFS
X-Mailing-List: linux-cifs@vger.kernel.org

And one more trivial Coverity issue related patch ... (with fewer old issues like this, in the future it will be easier to spot important new ones that tools like this report)

Coverity also complains about the way we calculate the offset (starting from the address of a 4 byte array within the header structure rather than from the beginning of the struct plus 4 bytes) for SMB1 RenameOpenFile. This changeset doesn't change the address but makes it slightly clearer.

Addresses-Coverity: 711521 ("Out of bounds write")
Signed-off-by: Steve French Reviewed-by: Paulo Alcantara (SUSE) --- fs/cifs/cifssmb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) pSMB->MaxParameterCount = cpu_to_le16(2); pSMB->MaxDataCount = cpu_to_le16(1000); /* BB find max SMB from sess */ From a2c6b5f95226d58f85864f5a30e892b5ec885bd6 Mon Sep 17 00:00:00 2001 From: Steve French Date: Wed, 7 Jul 2021 13:34:47 -0500 Subject: [PATCH] CIFS: Clarify SMB1 code for rename open file Coverity also complains about the way we calculate the offset (starting from the address of a 4 byte array within the header structure rather than from the beginning of the struct plus 4 bytes) for SMB1 RenameOpenFile. This changeset doesn't change the address but makes it slightly clearer. Addresses-Coverity: 711521 ("Out of bounds write") Signed-off-by: Steve French --- fs/cifs/cifssmb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 0863238ddd20..16bd4cf3bceb 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -2767,7 +2767,8 @@ int CIFSSMBRenameOpenFile(const unsigned int xid, struct cifs_tcon *pTcon, param_offset = offsetof(struct smb_com_transaction2_sfi_req, Fid) - 4; offset = param_offset + params; - data_offset = (char *) (&pSMB->hdr.Protocol) + offset; + /* SMB offsets are from the beginning of SMB which is 4 bytes in, after RFC1001 field */ + data_offset = (char *)(pSMB) + offset + 4; rename_info = (struct set_file_rename *) data_offset; pSMB->MaxParameterCount = cpu_to_le16(2); pSMB->MaxDataCount = cpu_to_le16(1000); /* BB find max SMB from sess */ -- 2.30.2
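Review bot: In the added line `data_offset = (char *)(pSMB) + offset + 4;` the literal 4 is tied to the header layout only by the comment above it, whereas the removed `&pSMB->hdr.Protocol` form took the starting point from the struct itself. Consider expressing the 4 through offsetof() on the Protocol member or a named constant, shared with the `- 4` in the param_offset computation two lines up, so that a layout change cannot silently desynchronise the two. Since the commit message says the address is unchanged, it would also help to state "no functional change" next to the Addresses-Coverity tag, because "Out of bounds write" otherwise reads like a behavioural fix.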