cifs: ntstatus_to_dos_map[] is not terminated

Functions that walk the ntstatus_to_dos_map[] array could
run off the end. For example, ntstatus_to_dos() loops
while ntstatus_to_dos_map[].ntstatus is not 0. Granted,
this is mostly theoretical, but could be used as a DOS attack
if the error code in the SMB header is bogus.

[Might consider adding to stable, as this patch is low risk - Steve]

Reviewed-by: Jeff Layton <[email protected]>
Signed-off-by: Tim Gardner <[email protected]>
Signed-off-by: Steve French <[email protected]>

0 files changed, 0 insertions, 0 deletions