From 9d537f04b26ad3ac10399b4885f6dcd9112f7973 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Wed, 8 May 2024 06:21:42 +0200
Subject: Merging upstream version 4.19.304.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 fs/cifs/misc.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'fs/cifs/misc.c')

diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index dd67f56ea..c9ebfff51 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -338,6 +338,10 @@ checkSMB(char *buf, unsigned int total_read, struct TCP_Server_Info *server)
 			cifs_dbg(VFS, "Length less than smb header size\n");
 		}
 		return -EIO;
+	} else if (total_read < sizeof(*smb) + 2 * smb->WordCount) {
+		cifs_dbg(VFS, "%s: can't read BCC due to invalid WordCount(%u)\n",
+			 __func__, smb->WordCount);
+		return -EIO;
 	}
 
 	/* otherwise, there is enough to get to the BCC */
-- 
cgit v1.2.3