cifs: Fix buffer size in cifs_convertUCSpath

Relevant commits 7fabf0c9479fef9fdb9528a5fbdb1cb744a744a4 and
f58841666bc22e827ca0dcef7b71c7bc2758ce82. The upstream commits adds
cifs_from_ucs2 that includes functionality of cifs_convertUCSpath and
does cleanup.

Reported-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Acked-by: Steve French <sfrench@us.ibm.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 4c89c572891aefc06ec45338603fd24f273294a4..b2990b1d19759b6b0b736a7e1ca9fe26d04a693c 100644 (file)
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -691,14 +691,15 @@ cifs_convertUCSpath(char *target, const __le16 *source, int maxlen,
                                                NLS_MAX_CHARSET_SIZE);
                                if (len > 0) {
                                        j += len;
-                                       continue;
+                                       goto overrun_chk;
                                } else {
                                        target[j] = '?';
                                }
                }
                j++;
                /* make sure we do not overrun callers allocated temp buffer */
-               if (j >= (2 * NAME_MAX))
+overrun_chk:
+               if (j >= UNICODE_NAME_MAX)
                        break;
        }
 cUCS_out: