[lvc-project] [PATCH] ksmbd: Prevent integer overflow in calculation of deadtime
Namjae Jeon
linkinjeon at kernel.org
Tue Apr 15 04:00:14 MSK 2025
On Wed, Apr 9, 2025 at 6:05 PM Denis Arefev <arefev at swemel.ru> wrote:
>
> The user can set any value for 'deadtime'. This affects the arithmetic
> expression 'req->deadtime * SMB_ECHO_INTERVAL', which is subject to
> overflow. The added check makes the server behavior more predictable.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers")
> Cc: stable at vger.kernel.org
> Signed-off-by: Denis Arefev <arefev at swemel.ru>
Applied it to #ksmbd-for-next-next.
Thanks!
More information about the lvc-project
mailing list