cifs: fix handling of scopeid in cifs_convert_address
The code finds, the '%' sign in an ipv6 address and copies that to a buffer allocated on the stack. It then ignores that buffer, and passes 'pct' to simple_strtoul(), which doesn't work right because we're comparing 'endp' against a completely different string. Fix it by passing the correct pointer. While we're at it, this is a good candidate for conversion to strict_strtoul as well. Cc: stable@kernel.org Cc: David Howells <dhowells@redhat.com> Reported-by: Björn JACKE <bj@sernet.de> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
a2640111d5
commit
9616125611
1 changed files with 4 additions and 4 deletions
|
@ -170,7 +170,7 @@ cifs_convert_address(struct sockaddr *dst, const char *src, int len)
|
||||||
{
|
{
|
||||||
int rc, alen, slen;
|
int rc, alen, slen;
|
||||||
const char *pct;
|
const char *pct;
|
||||||
char *endp, scope_id[13];
|
char scope_id[13];
|
||||||
struct sockaddr_in *s4 = (struct sockaddr_in *) dst;
|
struct sockaddr_in *s4 = (struct sockaddr_in *) dst;
|
||||||
struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) dst;
|
struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) dst;
|
||||||
|
|
||||||
|
@ -197,9 +197,9 @@ cifs_convert_address(struct sockaddr *dst, const char *src, int len)
|
||||||
memcpy(scope_id, pct + 1, slen);
|
memcpy(scope_id, pct + 1, slen);
|
||||||
scope_id[slen] = '\0';
|
scope_id[slen] = '\0';
|
||||||
|
|
||||||
s6->sin6_scope_id = (u32) simple_strtoul(pct, &endp, 0);
|
rc = strict_strtoul(scope_id, 0,
|
||||||
if (endp != scope_id + slen)
|
(unsigned long *)&s6->sin6_scope_id);
|
||||||
return 0;
|
rc = (rc == 0) ? 1 : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
|
|
Loading…
Reference in a new issue