CIFS: Fix possible freed pointer dereference in CIFS_SessSetup

author Pavel Shilovsky <piastry@etersoft.ru>

Tue, 25 Sep 2012 07:00:08 +0000 (11:00 +0400)

committer Steve French <smfrench@gmail.com>

Thu, 27 Sep 2012 03:15:24 +0000 (22:15 -0500)
author Pavel Shilovsky <piastry@etersoft.ru>
Tue, 25 Sep 2012 07:00:08 +0000 (11:00 +0400)
committer Steve French <smfrench@gmail.com>
Thu, 27 Sep 2012 03:15:24 +0000 (22:15 -0500)
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c

index 382c06d..76809f4 100644 (file)
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -876,7 +876,8 @@ ssetup_ntlmssp_authenticate:
         pSMB = (SESSION_SETUP_ANDX *)iov[0].iov_base;
         smb_buf = (struct smb_hdr *)iov[0].iov_base;
  
-       if ((type == RawNTLMSSP) && (smb_buf->Status.CifsError ==
+       if ((type == RawNTLMSSP) && (resp_buf_type != CIFS_NO_BUFFER) &&
+           (smb_buf->Status.CifsError ==
                         cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))) {
                 if (phase != NtLmNegotiate) {
                         cERROR(1, "Unexpected more processing error");
author	Pavel Shilovsky <piastry@etersoft.ru>
	Tue, 25 Sep 2012 07:00:08 +0000 (11:00 +0400)
committer	Steve French <smfrench@gmail.com>
	Thu, 27 Sep 2012 03:15:24 +0000 (22:15 -0500)