Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

cifs: fix SID binary to string conversion

The authority fields are supposed to be represented by a single 48-bit
value. It's also supposed to represent the value as hex if it's equal to
or greater than 2^32. This is documented in MS-DTYP, section 2.4.2.1.

Also, fix up the max string length to account for this fix.

Acked-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Jeff Layton 12 years ago
parent
6d8b59d712
commit
193cdd8a29
2 changed files with 24 additions and 9 deletions
Split View Show Diff Stats
  1. 19 6
      fs/cifs/cifsacl.c
  2. 5 3
      fs/cifs/cifsacl.h

+ 19 - 6
fs/cifs/cifsacl.c
View File 

@@ -94,6 +94,7 @@ sid_to_key_str(struct cifs_sid *sidptr, unsigned int type)
 
 	int i, len;
 
 	unsigned int saval;
 
 	char *sidstr, *strptr;
 
+	unsigned long long id_auth_val;
 
 
 	/* 3 bytes for prefix */
 
 	sidstr = kmalloc(3 + SID_STRING_BASE_SIZE +
 
@@ -107,12 +108,24 @@ sid_to_key_str(struct cifs_sid *sidptr, unsigned int type)
 
 			sidptr->revision);
 
 	strptr += len;
 
 
-	for (i = 0; i < NUM_AUTHS; ++i) {
 
-		if (sidptr->authority[i]) {
 
-			len = sprintf(strptr, "-%hhu", sidptr->authority[i]);
 
-			strptr += len;
 
-		}
 
-	}
 
+	/* The authority field is a single 48-bit number */
 
+	id_auth_val = (unsigned long long)sidptr->authority[5];
 
+	id_auth_val |= (unsigned long long)sidptr->authority[4] << 8;
 
+	id_auth_val |= (unsigned long long)sidptr->authority[3] << 16;
 
+	id_auth_val |= (unsigned long long)sidptr->authority[2] << 24;
 
+	id_auth_val |= (unsigned long long)sidptr->authority[1] << 32;
 
+	id_auth_val |= (unsigned long long)sidptr->authority[0] << 48;
 
+
 
+	/*
 
+	 * MS-DTYP states that if the authority is >= 2^32, then it should be
 
+	 * expressed as a hex value.
 
+	 */
 
+	if (id_auth_val <= UINT_MAX)
 
+		len = sprintf(strptr, "-%llu", id_auth_val);
 
+	else
 
+		len = sprintf(strptr, "-0x%llx", id_auth_val);
 
+
 
+	strptr += len;
 
 
 	for (i = 0; i < sidptr->num_subauth; ++i) {
 
 		saval = le32_to_cpu(sidptr->sub_auth[i]);

+ 5 - 3
fs/cifs/cifsacl.h
View File 

@@ -55,12 +55,14 @@
 
  * u8:  max 3 bytes in decimal
 
  * u32: max 10 bytes in decimal
 
  *
 
- * "S-" + 3 bytes for version field + 4 bytes for each authority field (3 bytes
 
- * per number + 1 for '-') + NULL terminator.
 
+ * "S-" + 3 bytes for version field + 15 for authority field + NULL terminator
 
+ *
 
+ * For authority field, max is when all 6 values are non-zero and it must be
 
+ * represented in hex. So "-0x" + 12 hex digits.
 
  *
 
  * Add 11 bytes for each subauthority field (10 bytes each + 1 for '-')
 
  */
 
-#define SID_STRING_BASE_SIZE (2 + 3 + (4 * NUM_AUTHS) + 1)
 
+#define SID_STRING_BASE_SIZE (2 + 3 + 15 + 1)
 
 #define SID_STRING_SUBAUTH_SIZE (11) /* size of a single subauth string */
 
 
 struct cifs_ntsd {