cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level()
authorChristoph Probst <kernel@probst.it>
Tue, 7 May 2019 15:16:40 +0000 (17:16 +0200)
committerSteve French <stfrench@microsoft.com>
Wed, 8 May 2019 04:24:55 +0000 (23:24 -0500)
commit6a54b2e002c9d00b398d35724c79f9fe0d9b38fb
tree15337da48020ddeb9265edcad0abf0255895d881
parent26ea888f6282b0f5c1977d8ddb2fff1ea0238bd7
cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level()

Change strcat to strncpy in the "None" case to fix a buffer overflow
when cinode->oplock is reset to 0 by another thread accessing the same
cinode. It is never valid to append "None" to any other message.

Consolidate multiple writes to cinode->oplock to reduce raciness.

Signed-off-by: Christoph Probst <kernel@probst.it>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>
fs/cifs/smb2ops.c