Re: [PATCH 1/2] smb: client: fix off-by-8 bounds check in check_wsl_eas()
From: ChenXiaoSong
Date: Wed Apr 08 2026 - 23:12:24 EST

Hi Steve,

Should we use `get_unaligned_le32()` to get unaligned data?

    static inline kuid_t wsl_make_kuid(struct cifs_sb_info *cifs_sb,
                                       void *ptr)
    {
            u32 uid = le32_to_cpu(*(__le32 *)ptr);
            ...
    }

Additionally, does parsing these extended attributes cause unaligned memory
accesses?
When parsing WSL extended attributes, the code derives the value pointer
at an offset of ea_name_length (which is 6) plus 1 from ea_data. Since
ea is a 4-byte aligned structure, the value sits at an unaligned offset.
Helper functions like wsl_make_kuid() explicitly cast this unaligned
pointer to a 32-bit type and dereference it:

    le32_to_cpu(*(__le32 *)v);

Could this trigger an unaligned access exception and crash the kernel on
architectures with strict alignment requirements?
--
ChenXiaoSong <chenxiaosong@xxxxxxxxxx>
Chinese Homepage: chenxiaosong.com
English Homepage: chenxiaosong.com/en
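
The offset arithmetic raised in the mail above, as an added userspace example that is not part of the original message or the kernel's own code. It assumes an 8-byte entry header before ea_data; the helper names and the `$LXUID` sample entry are constructed for illustration, and the byte-wise load stands in for `get_unaligned_le32()`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed entry header: next_entry_offset(4) flags(1) ea_name_length(1)
 * ea_value_length(2), followed by ea_data = name, NUL, value. */
#define EA_HDR_LEN	8

/* Byte-wise loads: safe at any address, like get_unaligned_le32(). */
static uint16_t load_le16(const uint8_t *b)
{
	return (uint16_t)(b[0] | b[1] << 8);
}

static uint32_t load_le32(const uint8_t *b)
{
	return (uint32_t)b[0] | (uint32_t)b[1] << 8 |
	       (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
}

/* Offset of the value from the (4-byte aligned) start of the entry. */
static size_t ea_value_offset(const uint8_t *ea)
{
	return EA_HDR_LEN + ea[5] + 1;
}

/* Returns the 32-bit value, or -1 if the entry is short or not 4 bytes. */
static int64_t ea_read_u32(const uint8_t *ea, size_t len)
{
	if (len < EA_HDR_LEN || load_le16(ea + 6) != 4 ||
	    ea_value_offset(ea) + 4 > len)
		return -1;
	return load_le32(ea + ea_value_offset(ea));
}

/* Constructed sample: one entry named "$LXUID" carrying uid 1000. */
static const uint8_t sample_ea[] = {
	0, 0, 0, 0,  0,  6,  4, 0,
	'$', 'L', 'X', 'U', 'I', 'D', 0,
	0xe8, 0x03, 0x00, 0x00,
};

int main(void)
{
	printf("value offset %zu (mod 4 = %zu), uid %lld\n",
	       ea_value_offset(sample_ea), ea_value_offset(sample_ea) % 4,
	       (long long)ea_read_u32(sample_ea, sizeof(sample_ea)));
	return 0;
}
```

With a 6-byte name the value lands at offset 15 of a 4-byte aligned entry, so a cast-and-dereference load there is misaligned while the byte-wise load is not.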