cifs: Read buffer overflow
authorRoel Kluin <roel.kluin@gmail.com>
Sun, 2 Aug 2009 11:00:18 +0000 (13:00 +0200)
committerSteve French <sfrench@us.ibm.com>
Mon, 3 Aug 2009 21:01:32 +0000 (21:01 +0000)
Check whether index is within bounds before testing the element.

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
fs/cifs/cifs_unicode.c

index 60e3c4253de0b9774cb79767966847779c6d92b5..714a542cbafce7f3efbe242339bec3d99a0c929f 100644 (file)
@@ -44,7 +44,7 @@ cifs_ucs2_bytes(const __le16 *from, int maxbytes,
        int maxwords = maxbytes / 2;
        char tmp[NLS_MAX_CHARSET_SIZE];
 
-       for (i = 0; from[i] && i < maxwords; i++) {
+       for (i = 0; i < maxwords && from[i]; i++) {
                charlen = codepage->uni2char(le16_to_cpu(from[i]), tmp,
                                             NLS_MAX_CHARSET_SIZE);
                if (charlen > 0)