projects / platform / kernel / linux-rpi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
smb3: Replace smb2pdu 1-element arrays with flex-arrays
[platform/kernel/linux-rpi.git] / fs / cifs / smb2pdu.c
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 3bc0aa8..4982f5e 100644 (file)
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -1373,7 +1373,7 @@ SMB2_sess_sendreceive(struct SMB2_sess_data *sess_data)
 
        /* Testing shows that buffer offset must be at location of Buffer[0] */
        req->SecurityBufferOffset =
-               cpu_to_le16(sizeof(struct smb2_sess_setup_req) - 1 /* pad */);
+               cpu_to_le16(sizeof(struct smb2_sess_setup_req));
        req->SecurityBufferLength = cpu_to_le16(sess_data->iov[1].iov_len);
 
        memset(&rqst, 0, sizeof(struct smb_rqst));
@@ -1892,8 +1892,7 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree,
        iov[0].iov_len = total_len - 1;
 
        /* Testing shows that buffer offset must be at location of Buffer[0] */
-       req->PathOffset = cpu_to_le16(sizeof(struct smb2_tree_connect_req)
-                       - 1 /* pad */);
+       req->PathOffset = cpu_to_le16(sizeof(struct smb2_tree_connect_req));
        req->PathLength = cpu_to_le16(unc_path_len);
        iov[1].iov_base = unc_path;
        iov[1].iov_len = unc_path_len;
@@ -3773,7 +3772,7 @@ SMB2_change_notify(const unsigned int xid, struct cifs_tcon *tcon,
                        ses->Suid, (u8)watch_tree, completion_filter);
                /* validate that notify information is plausible */
                if ((rsp_iov.iov_base == NULL) ||
-                   (rsp_iov.iov_len < sizeof(struct smb2_change_notify_rsp)))
+                   (rsp_iov.iov_len < sizeof(struct smb2_change_notify_rsp) + 1))
                        goto cnotify_exit;
 
                smb_rsp = (struct smb2_change_notify_rsp *)rsp_iov.iov_base;
@@ -4966,7 +4965,7 @@ int SMB2_query_directory_init(const unsigned int xid,
        memcpy(bufptr, &asteriks, len);
 
        req->FileNameOffset =
-               cpu_to_le16(sizeof(struct smb2_query_directory_req) - 1);
+               cpu_to_le16(sizeof(struct smb2_query_directory_req));
        req->FileNameLength = cpu_to_le16(len);
        /*
         * BB could be 30 bytes or so longer if we used SMB2 specific
@@ -5162,8 +5161,7 @@ SMB2_set_info_init(struct cifs_tcon *tcon, struct TCP_Server_Info *server,
        req->VolatileFileId = volatile_fid;
        req->AdditionalInformation = cpu_to_le32(additional_info);
 
-       req->BufferOffset =
-                       cpu_to_le16(sizeof(struct smb2_set_info_req) - 1);
+       req->BufferOffset = cpu_to_le16(sizeof(struct smb2_set_info_req));
        req->BufferLength = cpu_to_le32(*size);
 
        memcpy(req->Buffer, *data, *size);
@@ -5397,9 +5395,9 @@ build_qfs_info_req(struct kvec *iov, struct cifs_tcon *tcon,
        req->VolatileFileId = volatile_fid;
        /* 1 for pad */
        req->InputBufferOffset =
-                       cpu_to_le16(sizeof(struct smb2_query_info_req) - 1);
+                       cpu_to_le16(sizeof(struct smb2_query_info_req));
        req->OutputBufferLength = cpu_to_le32(
-               outbuf_len + sizeof(struct smb2_query_info_rsp) - 1);
+               outbuf_len + sizeof(struct smb2_query_info_rsp));
 
        iov->iov_base = (char *)req;
        iov->iov_len = total_len;
Domain: System / Kernel;