1 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1439
3 --- a/fs/cifs/connect.c
4 +++ b/fs/cifs/connect.c
5 @@ -3421,16 +3421,13 @@ CIFSTCon(unsigned int xid, struct cifsSe
6 BCC(smb_buffer_response)) {
7 kfree(tcon->nativeFileSystem);
8 tcon->nativeFileSystem =
9 - kzalloc(length + 2, GFP_KERNEL);
10 + kzalloc((4 * length) + 2, GFP_KERNEL);
11 if (tcon->nativeFileSystem)
13 tcon->nativeFileSystem,
15 length, nls_codepage);
16 - bcc_ptr += 2 * length;
17 - bcc_ptr[0] = 0; /* null terminate the string */
20 + bcc_ptr += (2 * length) + 2;
22 /* else do not bother copying these information fields*/