{"id":2220130,"url":"http://patchwork.ozlabs.org/api/1.0/covers/2220130/?format=json","project":{"id":12,"url":"http://patchwork.ozlabs.org/api/1.0/projects/12/?format=json","name":"Linux CIFS Client","link_name":"linux-cifs-client","list_id":"linux-cifs.vger.kernel.org","list_email":"linux-cifs@vger.kernel.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<2026040644-brussels-dab-6f99@gregkh>","date":"2026-04-06T13:46:45","name":"[0/3] ksmbd: some potential bugfixes","submitter":{"id":11800,"url":"http://patchwork.ozlabs.org/api/1.0/people/11800/?format=json","name":"Greg Kroah-Hartman","email":"gregkh@linuxfoundation.org"},"series":[{"id":498855,"url":"http://patchwork.ozlabs.org/api/1.0/series/498855/?format=json","date":"2026-04-06T13:46:46","name":"ksmbd: some potential bugfixes","version":1,"mbox":"http://patchwork.ozlabs.org/series/498855/mbox/"}],"headers":{"Return-Path":"\n ","X-Original-To":["incoming@patchwork.ozlabs.org","linux-cifs@vger.kernel.org"],"Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=linuxfoundation.org header.i=@linuxfoundation.org\n header.a=rsa-sha256 header.s=korg header.b=SCMPJdAg;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c15:e001:75::12fc:5321; helo=sin.lore.kernel.org;\n envelope-from=linux-cifs+bounces-10676-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)","smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=linuxfoundation.org\n header.i=@linuxfoundation.org header.b=\"SCMPJdAg\"","smtp.subspace.kernel.org;\n arc=none smtp.client-ip=10.30.226.201"],"Received":["from sin.lore.kernel.org (sin.lore.kernel.org\n [IPv6:2600:3c15:e001:75::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fq9cC3DKVz1xy1\n\tfor ; Mon, 06 Apr 2026 23:47:07 +1000 (AEST)","from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sin.lore.kernel.org (Postfix) with ESMTP id 3684A3007A77\n\tfor ; Mon, 6 Apr 2026 13:47:02 +0000 (UTC)","from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id C47D42517A5;\n\tMon, 6 Apr 2026 13:47:01 +0000 (UTC)","from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org\n [10.30.226.201])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id A131F239E80;\n\tMon, 6 Apr 2026 13:47:01 +0000 (UTC)","by smtp.kernel.org (Postfix) with ESMTPSA id BBF36C2BC9E;\n\tMon, 6 Apr 2026 13:47:00 +0000 (UTC)"],"ARC-Seal":"i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1775483221; cv=none;\n b=AaCXwDAyHkttI14iHnlqCQMAik6SiuWqDrw34trbSZkI7x/slKtrJUi2E8aMVZE8MDx8ij+NkaZ+pMT7mCU6d0n/YUKPMHOQ0bDdVwz+iPZ3RINVhWWGYHhGTpJuCmzIjBHwy/50AmQh64secFsdRAgyOnDsTc80+2s0IR9/Plo=","ARC-Message-Signature":"i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1775483221; c=relaxed/simple;\n\tbh=3a3ms7S6HXSTmecMy+J7sYm3lCwUvO3MKPcbzv4lHAs=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=CBqz0Jx/SjI7xpGvDB93eSUz9qa01pPb+mobr7cVf1lSgjdADmoJ3MCt0+r8C+gKZWqUVfpca+ZHqJeIhllMI8QAkl2noZ3VpqE5Nzm6CEy4H6eCJUAhk4qTz/NkuqRCzhbv7dvlgTqNGvXbNUC7MxbmrvBTCbxChwm+y2F63Ew=","ARC-Authentication-Results":"i=1; smtp.subspace.kernel.org;\n dkim=pass (1024-bit key) header.d=linuxfoundation.org\n header.i=@linuxfoundation.org header.b=SCMPJdAg;\n arc=none smtp.client-ip=10.30.226.201","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;\n\ts=korg; t=1775483221;\n\tbh=3a3ms7S6HXSTmecMy+J7sYm3lCwUvO3MKPcbzv4lHAs=;\n\th=From:To:Cc:Subject:Date:From;\n\tb=SCMPJdAgwiIj/j9mtZm9scYEhQQ4VMC51HjDZo13edY5jvw1HXqCrLvctk0g6k3uw\n\t 2RRJhrtWZpsJ+xhz7yFT+uyBgeRbGA4HDlKUlZDLWULZwMHiNyVkEaljg3oQ/kv1Cz\n\t svRiKDrXMD+9rfL5j+YP1aisc9SHRnXe7dyoar70=","From":"Greg Kroah-Hartman ","To":"linux-cifs@vger.kernel.org","Cc":"linux-kernel@vger.kernel.org,\n\tGreg Kroah-Hartman ,\n\tNamjae Jeon ,\n\tSteve French ,\n\tSergey Senozhatsky ,\n\tTom Talpey ","Subject":"[PATCH 0/3] ksmbd: some potential bugfixes","Date":"Mon, 6 Apr 2026 15:46:45 +0200","Message-ID":"<2026040644-brussels-dab-6f99@gregkh>","X-Mailer":"git-send-email 2.53.0","Precedence":"bulk","X-Mailing-List":"linux-cifs@vger.kernel.org","List-Id":"","List-Subscribe":"","List-Unsubscribe":"","MIME-Version":"1.0","Lines":"25","X-Developer-Signature":"v=1; a=openpgp-sha256; l=888;\n i=gregkh@linuxfoundation.org; h=from:subject:message-id;\n bh=3a3ms7S6HXSTmecMy+J7sYm3lCwUvO3MKPcbzv4lHAs=;\n b=owGbwMvMwCRo6H6F97bub03G02pJDJmXd7qUb+u5vXbmBHaLSE2VDmbzf3svxQh/yTx8011cU\n 3eZfNmqjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZgIpy3Dgq6V+03Srl1sW5by\n V1hfjjF6e8BuboYFl7V6j9Wal/f7rYqYqpWeJXwwVIMfAA==","X-Developer-Key":"i=gregkh@linuxfoundation.org; a=openpgp;\n fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29","Content-Transfer-Encoding":"8bit"},"content":"I spent the time exercising some new fuzzing tools on the ksmbd and smb\ncode purely because it's something that is simple to set up and test\nlocally with virtual machines, and in doing so, potentially found some\nminor problems for when you have an \"untrusted\" client.\n\nHere's some fixes for what I happened to notice. They pass my very\nlimited testing here, but please don't trust them at all and verify that\nI'm not just making this all up before accepting them.\n\nthanks!\n\ngreg k-h\n\nGreg Kroah-Hartman (3):\n ksmbd: validate EaNameLength in smb2_get_ea()\n ksmbd: require 3 sub-authorities before reading sub_auth[2]\n ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc\n\n fs/smb/server/connection.c | 1 +\n fs/smb/server/smb2pdu.c | 7 ++++++-\n fs/smb/server/smbacl.c | 3 ++-\n 3 files changed, 9 insertions(+), 2 deletions(-)"}