Commit:     39db810cb6c1e7d1f2e43ae38b437b7ee72fe815
Parent:     95ba7362105646523ee712fd252ec2e34ccbec15
Author:     Jeff Layton <[EMAIL PROTECTED]>
AuthorDate: Fri Aug 24 03:16:51 2007 +0000
Committer:  Steve French <[EMAIL PROTECTED]>
CommitDate: Fri Aug 24 03:16:51 2007 +0000

    [CIFS] Byte range unlock request to non-Unix server can unlock too much
    On a mount without posix extensions enabled, when an unlock request is
    made, the client can release more than is intended. To reproduce, on a
    CIFS mount without posix extensions enabled:
    1) open file
    2) do fcntl lock: start=0 len=1
    3) do fcntl lock: start=2 len=1
    4) do fcntl unlock: start=0 len=1
    ...on the unlock call the client sends an unlock request to the server
    for both locks. The problem is a bad test in cifs_lock.
    Signed-off-by: Jeff Layton <[EMAIL PROTECTED]>
    Signed-off-by: Steve French <[EMAIL PROTECTED]>
 fs/cifs/CHANGES |    5 ++++-
 fs/cifs/file.c  |    3 ++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES
index bed6215..41e3b6a 100644
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@@ -6,7 +6,10 @@ done with "serverino" mount option).  Add support for POSIX 
 Samba supports newer POSIX CIFS Protocol Extensions). Add "nounix"
 mount option to allow disabling the CIFS Unix Extensions for just
 that mount. Fix hang on spinlock in find_writable_file (race when
-reopening file after session crash).
+reopening file after session crash).  Byte range unlock request to
+windows server could unlock more bytes (on server copy of file)
+than intended if start of unlock request is well before start of
+a previous byte range lock that we issued.
 Version 1.49
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 894b1f7..f9bd8b8 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -767,7 +767,8 @@ int cifs_lock(struct file *file, int cmd, struct file_lock 
                        list_for_each_entry_safe(li, tmp, &fid->llist, llist) {
                                if (pfLock->fl_start <= li->offset &&
-                                               length >= li->length) {
+                                               (pflock->fl_start + length) >=
+                                               (li->offset + li->length)) {
                                        stored_rc = CIFSSMBLock(xid, pTcon,
                                                        li->length, li->offset,
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at

Reply via email to