CIFS: fix uninitialized ptr deref in smb2 signing

server->secmech.sdeschmacsha256 is not properly initialized before
smb2_shash_allocate(), set shash after that call.

also fix typo in error message

Fixes: 8de8c4608fe9 ("cifs: Fix validation of signed data in smb2")

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.com>
Reported-by: Xiaoli Feng <xifeng@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>

diff --git a/fs/cifs/smb2transport.c b/fs/cifs/smb2transport.c
index 3f77893..7b351c6 100644 (file)
--- a/fs/cifs/smb2transport.c
+++ b/fs/cifs/smb2transport.c
@@ -171,7 +171,7 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
        struct kvec *iov = rqst->rq_iov;
        struct smb2_sync_hdr *shdr = (struct smb2_sync_hdr *)iov[0].iov_base;
        struct cifs_ses *ses;
-       struct shash_desc *shash = &server->secmech.sdeschmacsha256->shash;
+       struct shash_desc *shash;
        struct smb_rqst drqst;
 
        ses = smb2_find_smb_ses(server, shdr->SessionId);
@@ -185,7 +185,7 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
 
        rc = smb2_crypto_shash_allocate(server);
        if (rc) {
-               cifs_dbg(VFS, "%s: shah256 alloc failed\n", __func__);
+               cifs_dbg(VFS, "%s: sha256 alloc failed\n", __func__);
                return rc;
        }
 
@@ -196,6 +196,7 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
                return rc;
        }
 
+       shash = &server->secmech.sdeschmacsha256->shash;
        rc = crypto_shash_init(shash);
        if (rc) {
                cifs_dbg(VFS, "%s: Could not init sha256", __func__);