smb: client: Add check for next_buffer in receive_encrypted_standard()
commit 860ca5e50f73c2a1cef7eefc9d39d04e275417f7 upstream.
Add check for the return value of cifs_buf_get() and cifs_small_buf_get()
in receive_encrypted_standard() to prevent null pointer dereference.
Fixes: eec04ea119 ("smb: client: fix OOB in receive_encrypted_standard()")
Cc: stable@vger.kernel.org
Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
committed by
Greg Kroah-Hartman
parent
ada54b2e81
commit
a9b0b4b298
@@ -4991,6 +4991,10 @@ one_more:
|
||||
next_buffer = (char *)cifs_buf_get();
|
||||
else
|
||||
next_buffer = (char *)cifs_small_buf_get();
|
||||
if (!next_buffer) {
|
||||
cifs_server_dbg(VFS, "No memory for (large) SMB response\n");
|
||||
return -1;
|
||||
}
|
||||
memcpy(next_buffer, buf + next_cmd, pdu_length - next_cmd);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user