From 9bd2a02ce1c48b25678507ce79804b90a4be454f Mon Sep 17 00:00:00 2001
From: Steve French
Date: Wed, 17 Oct 2007 18:01:11 +0000
Subject: [PATCH] --- yaml --- r: 71584 b: refs/heads/master c: c18c732ec6bf372aa959ca6534cbfc32e464defd h: refs/heads/master v: v3
---
 [refs] | 2 +-
 trunk/fs/cifs/CHANGES | 3 ++-
 trunk/fs/cifs/connect.c | 6 +++++-
 3 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/[refs] b/[refs]
index ea9dc28fd8a2..4f932471e858 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: adddd49ddf4ce5a5997f0695b194587290ea72e9
+refs/heads/master: c18c732ec6bf372aa959ca6534cbfc32e464defd
diff --git a/trunk/fs/cifs/CHANGES b/trunk/fs/cifs/CHANGES
index 70c90c07edf1..2459ef0a1396 100644
--- a/trunk/fs/cifs/CHANGES
+++ b/trunk/fs/cifs/CHANGES
@@ -10,7 +10,8 @@ opened, read and written as if they were files). When 1st tree connect fails (e.g. due to signing negotiation failure) fix leak that causes cifsd not to stop and rmmod to fail to cleanup cifs_request_buffers pool. Fix problem with POSIX Open/Mkdir on
-bigendian architectures.
+bigendian architectures. Fix possible memory corruption when
+EAGAIN returned on kern_recvmsg.
 Version 1.50
 ------------
diff --git a/trunk/fs/cifs/connect.c b/trunk/fs/cifs/connect.c
index 494455ed4352..676bbf2bb56d 100644
--- a/trunk/fs/cifs/connect.c
+++ b/trunk/fs/cifs/connect.c
@@ -415,7 +415,10 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
 msleep(1); /* minimum sleep to prevent looping allowing socket to clear and app threads to set tcpStatus CifsNeedReconnect if server hung */
- continue;
+ if (pdu_length < 4)
+ goto incomplete_rcv;
+ else
+ continue;
 } else if (length <= 0) {
 if (server->tcpStatus == CifsNew) {
 cFYI(1, ("tcp session abend after SMBnegprot"));
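Review bot: The retry added in the -EAGAIN/-ERESTARTSYS branch of the @@ -415 hunk has no visible bound: both `goto incomplete_rcv` and `continue` come back after `msleep(1)`, and whether `server->tcpStatus` is rechecked on the `goto` path depends on where `incomplete_rcv` sits, which is outside this hunk. The existing comment relies on other threads setting CifsNeedReconnect when the server hangs, so confirm that the jump target still passes through that check; the `continue` in the @@ -543 hunk has the same shape. The bare `4` also needs a comment, since this is the line behind the CHANGES entry about memory corruption; once the author confirms the meaning, something like `/* part of the 4-byte header was already read: resume the read, do not restart it */` would do. The `else` after `goto` is redundant, so `if (pdu_length < 4) goto incomplete_rcv;` followed by a plain `continue;` is enough.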
@@ -543,6 +546,7 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
 allowing socket to clear and app threads to set tcpStatus CifsNeedReconnect if server hung*/
+ length = 0;
 continue;
 } else if (length <= 0) {
 cERROR(1, ("Received no data, expecting %d",
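Review bot: The added `length = 0;` carries no comment saying why a value is cleared immediately before `continue`, and without one it reads like dead code that a later cleanup could remove. Presumably the enclosing loop, which starts outside this hunk, adds `length` to a running byte count on each iteration, so a negative errno left in place would move the receive offset backwards. If that is the case, say so on the line, for example `length = 0; /* the errno value must not be added to the byte count by the loop */`. The `cERROR` statement at the end of the hunk continues outside it, so its arguments cannot be checked here.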