From: Namjae Jeon <namjae.jeon@samsung.com> mainline inclusion from mainline-5.15-rc1 commit b72802aa77dc2729b848057e96b6a2126182f75e category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G CVE: NA Reference: https://git.kernel.org/torvalds/linux/c/b72802aa77dc ------------------------------- Set error return value for memcmp() difference. Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com> Signed-off-by: Jason Yan <yanaijie@huawei.com> Signed-off-by: Zhong Jinghua <zhongjinghua@huawei.com> --- fs/cifsd/auth.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fs/cifsd/auth.c b/fs/cifsd/auth.c index ed32052fbf93..adfb3b33f2e5 100644 --- a/fs/cifsd/auth.c +++ b/fs/cifsd/auth.c @@ -430,7 +430,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2, goto out; } - rc = memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE); + if (memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE) != 0) + rc = -EINVAL; out: ksmbd_release_crypto_ctx(ctx); kfree(construct); @@ -469,7 +470,8 @@ static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, char *client_nonce, goto out; } - rc = memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE); + if (memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE) != 0) + rc = -EINVAL; out: return rc; } -- 2.31.1