cifs_dbg() outputs an uninitialized buffer in cifs_readdir()
Orabug:
23330633
[ Upstream commit
01b9b0b28626db4a47d7f48744d70abca9914ef1 ]
In some cases tmp_bug can be not filled in cifs_filldir and stay uninitialized,
therefore its printk with "%s" modifier can leak content of kernelspace memory.
If old content of this buffer does not contain '\0' access bejond end of
allocated object can crash the host.
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Signed-off-by: Steve French <sfrench@localhost.localdomain>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit
c5882812d2e1ab7db5bc71a1bca90b3a2d89dedd)
Signed-off-by: Dan Duval <dan.duval@oracle.com>
projects / users / jedix / linux-maple.git / commit