[PATCH AUTOSEL 5.16 14/30] cifs: do not use uninitialized data in the owner/group sid

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Ronnie Sahlberg <lsahlber@redhat.com>,
	Steve French <stfrench@microsoft.com>,
	Sasha Levin <sashal@kernel.org>,
	sfrench@samba.org, linux-cifs@vger.kernel.org,
	samba-technical@lists.samba.org
Subject: [PATCH AUTOSEL 5.16 14/30] cifs: do not use uninitialized data in the owner/group sid
Date: Tue, 22 Feb 2022 21:28:03 -0500	[thread overview]
Message-ID: <20220223022820.240649-14-sashal@kernel.org> (raw)
In-Reply-To: <20220223022820.240649-1-sashal@kernel.org>

From: Ronnie Sahlberg <lsahlber@redhat.com>

[ Upstream commit 26d3dadebbcbddfaf1d9caad42527a28a0ed28d8 ]

When idsfromsid is used we create a special SID for owner/group.
This structure must be initialized or else the first 5 bytes
of the Authority field of the SID will contain uninitialized data
and thus not be a valid SID.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 fs/cifs/cifsacl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index ee3aab3dd4ac6..5df21d63dd04e 100644
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -1297,7 +1297,7 @@ static int build_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
 
 		if (uid_valid(uid)) { /* chown */
 			uid_t id;
-			nowner_sid_ptr = kmalloc(sizeof(struct cifs_sid),
+			nowner_sid_ptr = kzalloc(sizeof(struct cifs_sid),
 								GFP_KERNEL);
 			if (!nowner_sid_ptr) {
 				rc = -ENOMEM;
@@ -1326,7 +1326,7 @@ static int build_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
 		}
 		if (gid_valid(gid)) { /* chgrp */
 			gid_t id;
-			ngroup_sid_ptr = kmalloc(sizeof(struct cifs_sid),
+			ngroup_sid_ptr = kzalloc(sizeof(struct cifs_sid),
 								GFP_KERNEL);
 			if (!ngroup_sid_ptr) {
 				rc = -ENOMEM;
-- 
2.34.1

next prev parent reply	other threads:[~2022-02-23  2:29 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-02-23  2:27 [PATCH AUTOSEL 5.16 01/30] HID: apple: Set the tilde quirk flag on the Wellspring 5 and later Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 02/30] mac80211_hwsim: report NOACK frames in tx_status Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 03/30] mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 04/30] i2c: bcm2835: Avoid clock stretching timeouts Sasha Levin
2022-02-23  2:27   ` Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 05/30] ASoC: rt5682s: do not block workqueue if card is unbound Sasha Levin
2022-02-23  2:27   ` Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 06/30] ASoC: rt5668: " Sasha Levin
2022-02-23  2:27   ` Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 07/30] ASoC: rt5682: " Sasha Levin
2022-02-23  2:27   ` Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 08/30] regulator: core: fix false positive in regulator_late_cleanup() Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 09/30] Input: clear BTN_RIGHT/MIDDLE on buttonpads Sasha Levin
2022-02-23  2:27 ` [PATCH AUTOSEL 5.16 10/30] btrfs: get rid of warning on transaction commit when using flushoncommit Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 11/30] KVM: arm64: vgic: Read HW interrupt pending state from the HW Sasha Levin
2022-02-23  2:28   ` Sasha Levin
2022-02-23  2:28   ` Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 12/30] block: loop:use kstatfs.f_bsize of backing file to set discard granularity Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 13/30] tipc: fix a bit overflow in tipc_crypto_key_rcv() Sasha Levin
2022-02-23  2:28 ` Sasha Levin [this message]
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 15/30] cifs: fix double free race when mount fails in cifs_get_root() Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 16/30] USB: zaurus: support another broken Zaurus Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 17/30] HID: amd_sfh: Handle amd_sfh work buffer in PM ops Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 18/30] HID: amd_sfh: Add functionality to clear interrupts Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 19/30] HID: amd_sfh: Add interrupt handler to process interrupts Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 20/30] cifs: modefromsids must add an ACE for authenticated users Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 21/30] selftests/seccomp: Fix seccomp failure by adding missing headers Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 22/30] drm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby Sasha Levin
2022-02-23  2:28   ` Sasha Levin
2022-02-23  2:28   ` Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 23/30] selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 24/30] dmaengine: shdma: Fix runtime PM imbalance on error Sasha Levin
2022-02-24 22:39   ` Pavel Machek
2022-02-25  6:25     ` 刘永志
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 25/30] i2c: cadence: allow COMPILE_TEST Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 26/30] i2c: imx: " Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 27/30] i2c: qup: " Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 28/30] CDC-NCM: avoid overflow in sanity checking Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 29/30] net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 Sasha Levin
2022-02-23  2:28 ` [PATCH AUTOSEL 5.16 30/30] block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern Sasha Levin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ee3aab3dd4ac dfblob:5df21d63dd04 )
 OR (
bs:"[PATCH AUTOSEL 5.16 14/30] cifs: do not use uninitialized data in the owner/group sid" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220223022820.240649-14-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=linux-cifs@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lsahlber@redhat.com \
    --cc=samba-technical@lists.samba.org \
    --cc=sfrench@samba.org \
    --cc=stable@vger.kernel.org \
    --cc=stfrench@microsoft.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.