cifs: Increase size of tmp_buf in cifs_readdir to avoid potential overflows Increase size of tmp_buf to possible maximum to avoid potential overflows. Pointed-out-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>

commit: 7b0c8fcff47a885743125dd843db64af41af5a61 [log] [tgz]
author: Suresh Jayaraman <sjayaraman@suse.de> Mon Apr 20 18:54:36 2009 +0530
committer: Steve French <sfrench@us.ibm.com> Mon Apr 20 19:58:09 2009 +0000
tree: 144e5390001c8e49ec2fd0fcdb9274d68e6b50bd
parent: 968460ebd8006d55661dec0fb86712b40d71c413 [diff]
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
index 1a8be62..ebd0da7 100644
--- a/fs/cifs/readdir.c
+++ b/fs/cifs/readdir.c

@@ -1074,7 +1074,7 @@
 		with the rare long characters alloc more to account for
 		such multibyte target UTF-8 characters. cifs_unicode.c,
 		which actually does the conversion, has the same limit */
-		tmp_buf = kmalloc((2 * NAME_MAX) + 4, GFP_KERNEL);
+		tmp_buf = kmalloc((4 * NAME_MAX) + 2, GFP_KERNEL);
 		for (i = 0; (i < num_to_fill) && (rc == 0); i++) {
 			if (current_entry == NULL) {
 				/* evaluate whether this case is an error */
commit	7b0c8fcff47a885743125dd843db64af41af5a61	[log] [tgz]
author	Suresh Jayaraman <sjayaraman@suse.de>	Mon Apr 20 18:54:36 2009 +0530
committer	Steve French <sfrench@us.ibm.com>	Mon Apr 20 19:58:09 2009 +0000
tree	144e5390001c8e49ec2fd0fcdb9274d68e6b50bd
parent	968460ebd8006d55661dec0fb86712b40d71c413 [diff]