[patch] cifs: writing past the end of the array

Linux CIFS filesystem development
 help / color / mirror / Atom feed

* [patch] cifs: writing past the end of the array
@ 2011-03-06 13:26 Dan Carpenter
  2011-03-06 14:56 ` Shirish Pargaonkar
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Dan Carpenter @ 2011-03-06 13:26 UTC (permalink / raw)
  To: Steve French
  Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	samba-technical-w/Ol4Ecudpl8XjKLYN78aQ,
	kernel-janitors-u79uwXL29TY76Z2rM5mHXA

This is a cut and paste error.  p16 only has 16 chars, not 21.

Signed-off-by: Dan Carpenter <error27-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>

diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
index 3967635..1525d5e 100644
--- a/fs/cifs/smbencrypt.c
+++ b/fs/cifs/smbencrypt.c
@@ -353,7 +353,7 @@ SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
 	int rc;
 	unsigned char p16[16], p21[21];
 
-	memset(p16, '\0', 21);
+	memset(p16, '\0', 16);
 	memset(p21, '\0', 21);
 
 	rc = E_md4hash(passwd, p16);

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [patch] cifs: writing past the end of the array
  2011-03-06 13:26 [patch] cifs: writing past the end of the array Dan Carpenter
@ 2011-03-06 14:56 ` Shirish Pargaonkar
  2011-03-06 17:11 ` walter harms
  2011-03-07  0:41 ` Steve French
  2 siblings, 0 replies; 5+ messages in thread
From: Shirish Pargaonkar @ 2011-03-06 14:56 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: Steve French, linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	samba-technical-w/Ol4Ecudpl8XjKLYN78aQ,
	kernel-janitors-u79uwXL29TY76Z2rM5mHXA

On Sun, Mar 6, 2011 at 7:26 AM, Dan Carpenter <error27-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> This is a cut and paste error.  p16 only has 16 chars, not 21.
>
> Signed-off-by: Dan Carpenter <error27-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
>
> diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
> index 3967635..1525d5e 100644
> --- a/fs/cifs/smbencrypt.c
> +++ b/fs/cifs/smbencrypt.c
> @@ -353,7 +353,7 @@ SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
>        int rc;
>        unsigned char p16[16], p21[21];
>
> -       memset(p16, '\0', 21);
> +       memset(p16, '\0', 16);
>        memset(p21, '\0', 21);
>
>        rc = E_md4hash(passwd, p16);
> --
> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
> the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Looks correct.

Reviewed-by: Shirish Pargaonkar <shirishpargaonkar-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [patch] cifs: writing past the end of the array
  2011-03-06 13:26 [patch] cifs: writing past the end of the array Dan Carpenter
  2011-03-06 14:56 ` Shirish Pargaonkar
@ 2011-03-06 17:11 ` walter harms
       [not found]   ` <4D73C03B.1050905-fPG8STNUNVg@public.gmane.org>
  2011-03-07  0:41 ` Steve French
  2 siblings, 1 reply; 5+ messages in thread
From: walter harms @ 2011-03-06 17:11 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: Steve French, linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	samba-technical-w/Ol4Ecudpl8XjKLYN78aQ,
	kernel-janitors-u79uwXL29TY76Z2rM5mHXA



Am 06.03.2011 14:26, schrieb Dan Carpenter:
> This is a cut and paste error.  p16 only has 16 chars, not 21.
> 
> Signed-off-by: Dan Carpenter <error27-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> 
> diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
> index 3967635..1525d5e 100644
> --- a/fs/cifs/smbencrypt.c
> +++ b/fs/cifs/smbencrypt.c
> @@ -353,7 +353,7 @@ SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
>  	int rc;
>  	unsigned char p16[16], p21[21];
>  
> -	memset(p16, '\0', 21);
> +	memset(p16, '\0', 16);
>  	memset(p21, '\0', 21);
>  
>  	rc = E_md4hash(passwd, p16);


perhaps ARRAY_SIZE() instead of a magic number is a better choice ?

re,
 wh

^ permalink raw reply	[flat|nested] 5+ messages in thread

[parent not found: <4D73C03B.1050905-fPG8STNUNVg@public.gmane.org>]

* Re: [patch] cifs: writing past the end of the array
       [not found]   ` <4D73C03B.1050905-fPG8STNUNVg@public.gmane.org>
@ 2011-03-07 16:09     ` Jeff Layton
  0 siblings, 0 replies; 5+ messages in thread
From: Jeff Layton @ 2011-03-07 16:09 UTC (permalink / raw)
  To: wharms-fPG8STNUNVg
  Cc: Dan Carpenter, Steve French, linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	samba-technical-w/Ol4Ecudpl8XjKLYN78aQ,
	kernel-janitors-u79uwXL29TY76Z2rM5mHXA

On Sun, 06 Mar 2011 18:11:23 +0100
walter harms <wharms-fPG8STNUNVg@public.gmane.org> wrote:

> 
> 
> Am 06.03.2011 14:26, schrieb Dan Carpenter:
> > This is a cut and paste error.  p16 only has 16 chars, not 21.
> > 
> > Signed-off-by: Dan Carpenter <error27-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> > 
> > diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
> > index 3967635..1525d5e 100644
> > --- a/fs/cifs/smbencrypt.c
> > +++ b/fs/cifs/smbencrypt.c
> > @@ -353,7 +353,7 @@ SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
> >  	int rc;
> >  	unsigned char p16[16], p21[21];
> >  
> > -	memset(p16, '\0', 21);
> > +	memset(p16, '\0', 16);
> >  	memset(p21, '\0', 21);
> >  
> >  	rc = E_md4hash(passwd, p16);
> 
> 
> perhaps ARRAY_SIZE() instead of a magic number is a better choice ?
> 

Agreed. Care to propose a patch? There are almost certainly other
places in the code that could use a similar cleanup.

-- 
Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [patch] cifs: writing past the end of the array
  2011-03-06 13:26 [patch] cifs: writing past the end of the array Dan Carpenter
  2011-03-06 14:56 ` Shirish Pargaonkar
  2011-03-06 17:11 ` walter harms
@ 2011-03-07  0:41 ` Steve French
  2 siblings, 0 replies; 5+ messages in thread
From: Steve French @ 2011-03-07  0:41 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Steve French, linux-cifs, kernel-janitors, samba-technical

merged.  trivially correct.

On Sun, Mar 6, 2011 at 7:26 AM, Dan Carpenter <error27@gmail.com> wrote:

> This is a cut and paste error.  p16 only has 16 chars, not 21.
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
>
> diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
> index 3967635..1525d5e 100644
> --- a/fs/cifs/smbencrypt.c
> +++ b/fs/cifs/smbencrypt.c
> @@ -353,7 +353,7 @@ SMBNTencrypt(unsigned char *passwd, unsigned char *c8,
> unsigned char *p24)
>        int rc;
>        unsigned char p16[16], p21[21];
>
> -       memset(p16, '\0', 21);
> +       memset(p16, '\0', 16);
>        memset(p21, '\0', 21);
>
>        rc = E_md4hash(passwd, p16);
>



-- 
Thanks,

Steve

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2011-03-07 16:09 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-03-06 13:26 [patch] cifs: writing past the end of the array Dan Carpenter
2011-03-06 14:56 ` Shirish Pargaonkar
2011-03-06 17:11 ` walter harms
     [not found]   ` <4D73C03B.1050905-fPG8STNUNVg@public.gmane.org>
2011-03-07 16:09     ` Jeff Layton
2011-03-07  0:41 ` Steve French

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox