Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2217923/?format=api
{ "id": 2217923, "url": "http://patchwork.ozlabs.org/api/patches/2217923/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260331000911.16062-1-ddiss@suse.de/", "project": { "id": 12, "url": "http://patchwork.ozlabs.org/api/projects/12/?format=api", "name": "Linux CIFS Client", "link_name": "linux-cifs-client", "list_id": "linux-cifs.vger.kernel.org", "list_email": "linux-cifs@vger.kernel.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260331000911.16062-1-ddiss@suse.de>", "list_archive_url": null, "date": "2026-03-31T00:09:11", "name": "mount.cifs: fix buffer overrun in set_password", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "4882193d50faad2d5cb5c1d6c263cf307b4ea51b", "submitter": { "id": 26890, "url": "http://patchwork.ozlabs.org/api/people/26890/?format=api", "name": "David Disseldorp", "email": "ddiss@suse.de" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260331000911.16062-1-ddiss@suse.de/mbox/", "series": [ { "id": 498114, "url": "http://patchwork.ozlabs.org/api/series/498114/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-cifs-client/list/?series=498114", "date": "2026-03-31T00:09:11", "name": "mount.cifs: fix buffer overrun in set_password", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/498114/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2217923/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2217923/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <linux-cifs+bounces-10586-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "linux-cifs@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=suse.de header.i=@suse.de header.a=rsa-sha256\n header.s=susede2_rsa header.b=l6AEHfQC;\n\tdkim=pass header.d=suse.de header.i=@suse.de header.a=ed25519-sha256\n header.s=susede2_ed25519 header.b=dqAf6yCk;\n\tdkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.a=rsa-sha256 header.s=susede2_rsa header.b=DGOEvkAw;\n\tdkim=neutral header.d=suse.de header.i=@suse.de header.a=ed25519-sha256\n header.s=susede2_ed25519 header.b=dIWov5uZ;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c15:e001:75::12fc:5321; helo=sin.lore.kernel.org;\n envelope-from=linux-cifs+bounces-10586-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"l6AEHfQC\";\n\tdkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"dqAf6yCk\";\n\tdkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"DGOEvkAw\";\n\tdkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=\"dIWov5uZ\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=195.135.223.131", "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=suse.de", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=suse.de", "smtp-out2.suse.de;\n\tdkim=pass header.d=suse.de header.s=susede2_rsa header.b=DGOEvkAw;\n\tdkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=dIWov5uZ" ], "Received": [ "from sin.lore.kernel.org (sin.lore.kernel.org\n [IPv6:2600:3c15:e001:75::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fl7mb50Qnz1yCp\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 31 Mar 2026 11:10:23 +1100 (AEDT)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sin.lore.kernel.org (Postfix) with ESMTP id 8AC5E3014889\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 31 Mar 2026 00:10:21 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 903AE29405;\n\tTue, 31 Mar 2026 00:10:20 +0000 (UTC)", "from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 0D9A113B58A\n\tfor <linux-cifs@vger.kernel.org>; Tue, 31 Mar 2026 00:10:18 +0000 (UTC)", "from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org\n [IPv6:2a07:de40:b281:104:10:150:64:97])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby smtp-out2.suse.de (Postfix) with ESMTPS id E61C85BD68;\n\tTue, 31 Mar 2026 00:10:16 +0000 (UTC)", "from imap1.dmz-prg2.suse.org (localhost [127.0.0.1])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 186804A0A2;\n\tTue, 31 Mar 2026 00:10:14 +0000 (UTC)", "from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167])\n\tby imap1.dmz-prg2.suse.org with ESMTPSA\n\tid trB+L+YQy2mJIwAAD6G6ig\n\t(envelope-from <ddiss@suse.de>); Tue, 31 Mar 2026 00:10:14 +0000" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1774915820; cv=none;\n b=lLYpNqB4zCNYapdfYoEz1G1YgZAKvaMHl2W3iCDODGbfoDN3e/oPMtQ8EpoRFDlc+JXbAEoLushTIf4X7Gcry4i+w+kmXtrG21tIvjaqSdPztNzU9Y0F9fC34XrceFr49nU59iDTYar1o/8o/YiHDnpPC4srbCAvTgKfap2H6BQ=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1774915820; c=relaxed/simple;\n\tbh=6hQN1OpICcA4yQqlpr+aTakbz7UHM9CVkKNIV3oboq0=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=RS1EioPUbmdfEl4cCp1NKVct42o/iwiOntPcXt0mWKo3WT0IB4dVGbdiaVjA/maWhZaYIj+ZuqwQJeHzHDBy2VFoKVUtCc8BJvnaq3Mcvsja/IOI01Atp080rPE4NHIOx5K8k5jDNjkdWfdmFnpOuoLh3XxWdznRZsCrz45HjN4=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=suse.de;\n spf=pass smtp.mailfrom=suse.de;\n dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=l6AEHfQC;\n dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=dqAf6yCk;\n dkim=pass (1024-bit key) header.d=suse.de header.i=@suse.de\n header.b=DGOEvkAw;\n dkim=permerror (0-bit key) header.d=suse.de header.i=@suse.de\n header.b=dIWov5uZ; arc=none smtp.client-ip=195.135.223.131", "DKIM-Signature": [ "v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_rsa;\n\tt=1774915817;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n content-transfer-encoding:content-transfer-encoding;\n\tbh=RVJyPKKdmS9R+Kpd6MaNUQ/wMl9LesyF/QDEgPQVANI=;\n\tb=l6AEHfQCT/jwXsnXVh7tPADsBO2oexad78KaBVlsm4H4hDi5vDgWbrHqpNAaUTL/x/BS6p\n\tizENq7WryiZMjolAO+umqFmqUhGU+4apTweQu/1VNluygjUNh8UbGj2tZhrcQGVhI83Hti\n\t/8fUws2yT/hRCVsRXi3/wRfxxbDt7+I=", "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;\n\ts=susede2_ed25519; t=1774915817;\n\th=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n content-transfer-encoding:content-transfer-encoding;\n\tbh=RVJyPKKdmS9R+Kpd6MaNUQ/wMl9LesyF/QDEgPQVANI=;\n\tb=dqAf6yCkKbI9iUa1sIzuzFMuzK44QShPDJ8oklQD/ZT92ThIdrG3zdEtQr1yOh92aG28ko\n\tf9M6ZoOGjOBC/UDQ==", "v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_rsa;\n\tt=1774915816;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n content-transfer-encoding:content-transfer-encoding;\n\tbh=RVJyPKKdmS9R+Kpd6MaNUQ/wMl9LesyF/QDEgPQVANI=;\n\tb=DGOEvkAwZVjKZ2rKOMlDSfOu80rZT3NmTowlqeen9G3GW0Uotdk7TYnUdDl7ezaXZ2fePv\n\tZrTZW9warGPBatiVTOLfp/K+EBMShy/+lNqXCSrzzhPS/s4LIE7CnHNAzP2+SMgUEime9o\n\tAjW2uc0ZKEtCWfMX76YaIe2+AeBonZs=", "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;\n\ts=susede2_ed25519; t=1774915816;\n\th=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n\t mime-version:mime-version:\n content-transfer-encoding:content-transfer-encoding;\n\tbh=RVJyPKKdmS9R+Kpd6MaNUQ/wMl9LesyF/QDEgPQVANI=;\n\tb=dIWov5uZt6Y7qZtTWBvrraX/Ppkt2Tc9ZEj8okDi+FpQ5yix5fmRWhT8TzdZ601QWSGOcc\n\tTy37ht8ppZ954ECA==" ], "From": "David Disseldorp <ddiss@suse.de>", "To": "linux-cifs@vger.kernel.org", "Cc": "Steve French <smfrench@gmail.com>,\n\tDavid Disseldorp <ddiss@suse.de>,\n\tBruno Bierbaumer <bruno@bierbaumer.net>", "Subject": "[PATCH] mount.cifs: fix buffer overrun in set_password", "Date": "Tue, 31 Mar 2026 11:09:11 +1100", "Message-ID": "<20260331000911.16062-1-ddiss@suse.de>", "X-Mailer": "git-send-email 2.51.0", "Precedence": "bulk", "X-Mailing-List": "linux-cifs@vger.kernel.org", "List-Id": "<linux-cifs.vger.kernel.org>", "List-Subscribe": "<mailto:linux-cifs+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:linux-cifs+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-Spamd-Result": "default: False [-3.01 / 50.00];\n\tBAYES_HAM(-3.00)[99.99%];\n\tMID_CONTAINS_FROM(1.00)[];\n\tNEURAL_HAM_LONG(-1.00)[-1.000];\n\tR_MISSING_CHARSET(0.50)[];\n\tNEURAL_HAM_SHORT(-0.20)[-1.000];\n\tR_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519];\n\tMIME_GOOD(-0.10)[text/plain];\n\tMX_GOOD(-0.01)[];\n\tTO_DN_SOME(0.00)[];\n\tTO_MATCH_ENVRCPT_ALL(0.00)[];\n\tFUZZY_RATELIMITED(0.00)[rspamd.com];\n\tRBL_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:104:10:150:64:97:from];\n\tDKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519];\n\tMIME_TRACE(0.00)[0:+];\n\tARC_NA(0.00)[];\n\tFREEMAIL_CC(0.00)[gmail.com,suse.de,bierbaumer.net];\n\tRCVD_TLS_ALL(0.00)[];\n\tRCVD_COUNT_TWO(0.00)[2];\n\tFROM_EQ_ENVFROM(0.00)[];\n\tFROM_HAS_DN(0.00)[];\n\tSPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from];\n\tDBL_BLOCKED_OPENRESOLVER(0.00)[samba.org:url,suse.de:mid,suse.de:dkim,suse.de:email,imap1.dmz-prg2.suse.org:helo,imap1.dmz-prg2.suse.org:rdns];\n\tRCVD_VIA_SMTP_AUTH(0.00)[];\n\tDNSWL_BLOCKED(0.00)[2a07:de40:b281:106:10:150:64:167:received,2a07:de40:b281:104:10:150:64:97:from];\n\tDKIM_TRACE(0.00)[suse.de:+];\n\tRCPT_COUNT_THREE(0.00)[4];\n\tFREEMAIL_ENVRCPT(0.00)[gmail.com]", "X-Rspamd-Action": "no action", "X-Spam-Flag": "NO", "X-Spam-Score": "-3.01", "X-Spam-Level": "", "X-Rspamd-Server": "rspamd1.dmz-prg2.suse.org", "X-Rspamd-Queue-Id": "E61C85BD68" }, "content": "The existing (j > pass_length) check is insufficient to avoid dst buffer\noverrun into the start of the adjacent struct parsed_mount_info field.\nCheck for overrun before writing to dst, and account for comma-expansion\nand null-termination.\n\nBug: https://bugzilla.samba.org/show_bug.cgi?id=16044\n\nReported-by: Bruno Bierbaumer <bruno@bierbaumer.net>\nSigned-off-by: David Disseldorp <ddiss@suse.de>\n---\n mount.cifs.c | 8 ++++----\n 1 file changed, 4 insertions(+), 4 deletions(-)", "diff": "diff --git a/mount.cifs.c b/mount.cifs.c\nindex 1923913..d41ca6a 100644\n--- a/mount.cifs.c\n+++ b/mount.cifs.c\n@@ -350,13 +350,13 @@ set_password(struct parsed_mount_info *parsed_info, const char *src,\n \tunsigned int i = 0, j = 0;\n \n \twhile (src[i]) {\n-\t\tif (src[i] == ',')\n-\t\t\tdst[j++] = ',';\n-\t\tdst[j++] = src[i++];\n-\t\tif (j > pass_length) {\n+\t\tif (j + 2 >= pass_length) {\n \t\t\tfprintf(stderr, \"Converted password too long!\\n\");\n \t\t\treturn EX_USAGE;\n \t\t}\n+\t\tif (src[i] == ',')\n+\t\t\tdst[j++] = ',';\n+\t\tdst[j++] = src[i++];\n \t}\n \tdst[j] = '\\0';\n \tif (is_pass2)\n", "prefixes": [] }