From: Steve French <smfrench-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: Christoph Hellwig <hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-fsdevel
<linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [CIFS] [PATCH] consistently use smb_buf_length as be32 for cifs (try 3)
Date: Sun, 20 Mar 2011 09:01:48 -0500 [thread overview]
Message-ID: <AANLkTinB9S0NP-um=k2BraTFYo02kcaw2304HeYaUCkh@mail.gmail.com> (raw)
In-Reply-To: <20110320094121.39be555c-9yPaYZwiELC+kQycOl6kW4xkIHaj4LzF@public.gmane.org>
On Sun, Mar 20, 2011 at 8:41 AM, Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote:
> On Sat, 19 Mar 2011 22:05:43 -0500
> Steve French <smfrench-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
>> On Sat, Mar 19, 2011 at 4:17 PM, Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> wrote:
>> > On Fri, 18 Mar 2011 14:51:54 -0400
>> > Christoph Hellwig <hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org> wrote:
>> >
>> >> On Thu, Mar 17, 2011 at 12:17:24PM -0500, Steve French wrote:
>> >> > If others feel strongly about this, I don't mind changing it as
>> >> > Christoph suggests but
>> >> > - to samba people, "incrementing the rfc1001 length" would be more
>> >> > recognizable (than opencoding the be32_add_cpu macro), and the
>> >> > function name was
>> >> > actually Jeff's suggestion which I liked.
>> >>
>> >> I don't mind the rfc1001 length per se. What's totally braindead about
>> >> this is having an absolutely trivial wrapper for incrementing a field,
>> >> which has a different name than the field it increments.
>> >>
>> >> If you feel strongly about the rfc1001 length just rename the field.
>> >>
>> >
>> > FWIW, the MS-SMB doc calls this value the "Stream Protocol Length". It
>> > also mentions that this is actually a 24 bit field and the upper 8 bits
>> > are supposed to be zeroed out.
>> >
>> > Should this wrapper check for values that violate that? A little
>> > defensive coding in this area wouldn't hurt.
>>
>> I agree, defensive code wouldn't hurt here. We do actually check IIRC
>> the first byte of it (which acts as an "rfc1001" command code, where
>> zero is what we want for most, in cifs_demultiplex_thread). Of the
>> next 3 bytes, which serve as a length field, old servers had a small
>> maximum smb size, and thus only read two bytes, eventually some
>> servers allowed you to use just over 64K, and Samba has allowed more
>> than that for years.
>>
>
> cifs_demultiplex_thread checks the first byte of data that is
> *received*. It cannot check that what we're sending is within spec.
> Perhaps this wrapper should.
Yes. agreed, even though the field is initialized to zero in header
assemble and the 4th byte will be zero, and the lengths are checked
earlier it can't hurt to do a final check that the length field did not
overflow. I will take a look at this.
--
Thanks,
Steve
prev parent reply other threads:[~2011-03-20 14:01 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-17 16:41 [CIFS] [PATCH] consistently use smb_buf_length as be32 for cifs (try 3) Steve French
2011-03-17 16:44 ` Christoph Hellwig
2011-03-17 17:17 ` Steve French
2011-03-18 18:51 ` Christoph Hellwig
[not found] ` <20110318185154.GA8028-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
2011-03-19 21:17 ` Jeff Layton
2011-03-20 3:05 ` Steve French
[not found] ` <AANLkTi==ojddc91ruaLHJvY85_tHvNe1J+YVZi7fsj8n-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2011-03-20 13:41 ` Jeff Layton
[not found] ` <20110320094121.39be555c-9yPaYZwiELC+kQycOl6kW4xkIHaj4LzF@public.gmane.org>
2011-03-20 14:01 ` Steve French [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='AANLkTinB9S0NP-um=k2BraTFYo02kcaw2304HeYaUCkh@mail.gmail.com' \
--to=smfrench-re5jqeeqqe8avxtiumwx3w@public.gmane.org \
--cc=hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).