Commit 52baa51d authored Dec 12, 2018 by Ronnie Sahlberg Committed by Steve French Dec 23, 2018

cifs: remove coverity warning in calc_lanman_hash



password_with_pad is a fixed size buffer of 16 bytes, it contains a
password string, to be padded with \0 if shorter than 16 bytes
but is just truncated if longer.
It is not, and we do not depend on it to be, nul terminated.

As such, do not use strncpy() to populate this buffer since
the str* prefix suggests that this is a string, which it is not,
and it also confuses coverity causing a false warning.

Detected by CoverityScan CID#113743 ("Buffer not null terminated")

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>

parent 0f57451e

fs/cifs/cifsencrypt.c

+8 −3

Original line number	Diff line number	Diff line
		@@ -304,12 +304,17 @@ int setup_ntlm_response(struct cifs_ses ses, const struct nls_table nls_cp)
		int calc_lanman_hash(const char password, const char cryptkey, bool encrypt,
		char *lnm_session_key)
		{
		int i;
		int i, len;
		int rc;
		char password_with_pad[CIFS_ENCPWD_SIZE] = {0};

		if (password)
		strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
		if (password) {
		for (len = 0; len < CIFS_ENCPWD_SIZE; len++)
		if (!password[len])
		break;

		memcpy(password_with_pad, password, len);
		}

		if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
		memcpy(lnm_session_key, password_with_pad,

Admin message