Re: [patch 00/21] 2.6.19-stable review

[Chuck Ebbert]

Greg KH wrote:
> This is the start of the stable review cycle for the 2.6.19.5 release.
> 
> This will probably be the last release of the 2.6.19-stable series, so
> if there are patches that you feel should be applied to that tree,
> please let me know.

This patch should go in 2.6.19 and 2.6.20 -stable as well.
(It's in 2.6.21-rc.)

From: Steve French <sfrench@xxxxxxxxxx>
Date: Mon, 22 Jan 2007 01:19:30 +0000 (+0000)
Subject: [CIFS] Fix oops when Windows server sent bad domain name null terminator
X-Git-Tag: v2.6.20^0~147^2
X-Git-Url: http://www2.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fsfrench%2Fcifs-2.6.git;a=commitdiff_plain;h=8e6f195af0e1f226e9b2e0256af8df46adb9d595

[CIFS] Fix oops when Windows server sent bad domain name null terminator

Fixes RedHat bug 211672

Windows sends one byte (instead of two) of null to terminate final Unicode
string (domain name) in session setup response in some cases - this caused
cifs to misalign some informational strings (making it hard to convert
from UCS16 to UTF8).

Thanks to Shaggy for his help and Akemi Yagi for debugging/testing

Signed-off-by: Shirish Pargaonkar <shirishp@xxxxxxxxxx>
Signed-off-by: Steve French <sfrench@xxxxxxxxxx>
---

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index bbdda99..7584646 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -182,11 +182,14 @@ static int decode_unicode_ssetup(char ** pbcc_area, int bleft, struct cifsSesInf
 	cFYI(1,("bleft %d",bleft));
 
 
-	/* word align, if bytes remaining is not even */
-	if(bleft % 2) {
-		bleft--;
-		data++;
-	}
+	/* SMB header is unaligned, so cifs servers word align start of
+	   Unicode strings */
+	data++;
+	bleft--; /* Windows servers do not always double null terminate
+		    their final Unicode string - in which case we
+		    now will not attempt to decode the byte of junk
+		    which follows it */
+		    
 	words_left = bleft / 2;
 
 	/* save off server operating system */