From patchwork Wed Mar 16 19:15:30 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 639551 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p2GJMkVn030448 for ; Wed, 16 Mar 2011 19:22:46 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753516Ab1CPTWp (ORCPT ); Wed, 16 Mar 2011 15:22:45 -0400 Received: from mail-vx0-f174.google.com ([209.85.220.174]:48545 "EHLO mail-vx0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753514Ab1CPTWp (ORCPT ); Wed, 16 Mar 2011 15:22:45 -0400 Received: by vxi39 with SMTP id 39so1965965vxi.19 for ; Wed, 16 Mar 2011 12:22:44 -0700 (PDT) Received: by 10.52.91.34 with SMTP id cb2mr500637vdb.112.1300302941516; Wed, 16 Mar 2011 12:15:41 -0700 (PDT) Received: from salusa.poochiereds.net (cpe-075-177-180-210.nc.res.rr.com [75.177.180.210]) by mx.google.com with ESMTPS id eh10sm873050vbb.2.2011.03.16.12.15.40 (version=SSLv3 cipher=OTHER); Wed, 16 Mar 2011 12:15:41 -0700 (PDT) From: Jeff Layton To: smfrench@gmail.com Cc: linux-cifs@vger.kernel.org Subject: [PATCH 2/3] cifs: fix broken BCC check in is_valid_oplock_break Date: Wed, 16 Mar 2011 15:15:30 -0400 Message-Id: <1300302931-13830-2-git-send-email-jlayton@redhat.com> X-Mailer: git-send-email 1.7.4 In-Reply-To: <1300302931-13830-1-git-send-email-jlayton@redhat.com> References: <1300302931-13830-1-git-send-email-jlayton@redhat.com> Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Wed, 16 Mar 2011 19:22:46 +0000 (UTC) diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c index 718268f..1640a6e 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c @@ -521,7 +521,7 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv) (struct smb_com_transaction_change_notify_rsp *)buf; struct file_notify_information *pnotify; __u32 data_offset = 0; - if (pSMBr->ByteCount > sizeof(struct file_notify_information)) { + if (get_bcc_le(buf) > sizeof(struct file_notify_information)) { data_offset = le32_to_cpu(pSMBr->DataOffset); pnotify = (struct file_notify_information *)