p71924506
/
linux_old1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cifs: modefromsid: make room for 4 ACE 

when mounting with modefromsid, we end up writing 4 ACE in a security
descriptor that only has room for 3, thus triggering an out-of-bounds
write. fix this by changing the min size of a security descriptor.

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
This commit is contained in:
Aurelien Aptel 2019-09-16 04:28:36 +02:00 committed by Steve French
parent 2255397c33
commit 0892ba693f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fs/cifs/cifsacl.h
View File

@ -45,7 +45,7 @@
*/
#define DEFAULT_SEC_DESC_LEN (sizeof(struct cifs_ntsd) + \
sizeof(struct cifs_acl) + \
(sizeof(struct cifs_ace) * 3))
(sizeof(struct cifs_ace) * 4))
/*
* Maximum size of a string representation of a SID: