BugLink: http://bugs.launchpad.net/bugs/788691
commit
16541ba11c4f04ffe94b073e301f00b749fb84a1 upstream.
cifs_demultiplex_thread calls coalesce_t2 to try and merge follow-on t2
responses into the original mid buffer. coalesce_t2 however can return
errors, but the caller doesn't handle that situation properly. Fix the
thread to treat such a case as it would a malformed packet. Mark the
mid as being malformed and issue the callback.
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Steve Conklin <sconklin@canonical.com>
isMultiRsp = true;
if (mid_entry->resp_buf) {
/* merge response - fix up 1st*/
- if (coalesce_t2(smb_buffer,
- mid_entry->resp_buf)) {
+ length = coalesce_t2(smb_buffer,
+ mid_entry->resp_buf);
+ if (length > 0) {
+ length = 0;
mid_entry->multiRsp = true;
break;
} else {
- /* all parts received */
+ /* all parts received or
+ * packet is malformed
+ */
mid_entry->multiEnd = true;
goto multi_t2_fnd;
}
projects / linux-flexiantxendom0-natty.git / commitdiff