From: Pavel Shilovsky <piastry@etersoft.ru>
Date: Tue, 25 Sep 2012 07:00:08 +0000 (+0400)
Subject: CIFS: Fix possible freed pointer dereference in CIFS_SessSetup
X-Git-Tag: Ubuntu-snapdragon-4.4.0-1029.32~12409^2~3
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=f065fd099fc475333fc7a55677a7f64764445d55;p=mirror_ubuntu-zesty-kernel.git

CIFS: Fix possible freed pointer dereference in CIFS_SessSetup

Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <smfrench@gmail.com>
---

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 382c06d01b38..76809f4d3428 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -876,7 +876,8 @@ ssetup_ntlmssp_authenticate:
 	pSMB = (SESSION_SETUP_ANDX *)iov[0].iov_base;
 	smb_buf = (struct smb_hdr *)iov[0].iov_base;
 
-	if ((type == RawNTLMSSP) && (smb_buf->Status.CifsError ==
+	if ((type == RawNTLMSSP) && (resp_buf_type != CIFS_NO_BUFFER) &&
+	    (smb_buf->Status.CifsError ==
 			cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))) {
 		if (phase != NtLmNegotiate) {
 			cERROR(1, "Unexpected more processing error");