[PATCH][focal/linux, bionic/linux, hirsute/linux, hirsute/linux-azure] Revert "CIFS: Fix a potencially linear read overflow"

Tim Gardner tim.gardner at canonical.com
Mon Nov 29 15:14:58 UTC 2021


BugLink: https://bugs.launchpad.net/bugs/1952094

This reverts commit 3d5631a27ec4767ac80dbf553f9ae501b18e07e3.

This stable patch causes a regression. There are no subsequent
upstream fixes.

Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
---

I'll ask the upstream reviewers about reverting or fixing this patch.
It's been included in many stable releases:

linux-4.4.y.txt:0955df2d9bf4857e3e2287e3028903e6cec06c30 CIFS: Fix a potencially linear read overflow
linux-4.9.y.txt:8878af780747f498551b7d360cae61b415798f18 CIFS: Fix a potencially linear read overflow
linux-4.14.y.txt:20967547ffc6039f17c63a1c24eb779ee166b245 CIFS: Fix a potencially linear read overflow
linux-4.19.y.txt:bea655491daf39f1934a71bf576bf3499092d3a4 CIFS: Fix a potencially linear read overflow
linux-5.4.y.txt:b444064a0e0ef64491b8739a9ae05a952b5f8974 CIFS: Fix a potencially linear read overflow
linux-5.10.y.txt:6c4857203ffa36918136756a889b12c5864bc4ad CIFS: Fix a potencially linear read overflow
linux-5.13.y.txt:9bffe470e9b537075345406512df01ca2188b725 CIFS: Fix a potencially linear read overflow
linux-5.14.y.txt:c41dd61c86482ab34f6f039b13296308018fd99b CIFS: Fix a potencially linear read overflow

rtg
---
 fs/cifs/cifs_unicode.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/fs/cifs/cifs_unicode.c b/fs/cifs/cifs_unicode.c
index 171ad8b42107e..9bd03a2310328 100644
--- a/fs/cifs/cifs_unicode.c
+++ b/fs/cifs/cifs_unicode.c
@@ -358,9 +358,14 @@ cifs_strndup_from_utf16(const char *src, const int maxlen,
 		if (!dst)
 			return NULL;
 		cifs_from_utf16(dst, (__le16 *) src, len, maxlen, codepage,
-				NO_MAP_UNI_RSVD);
+			       NO_MAP_UNI_RSVD);
 	} else {
-		dst = kstrndup(src, maxlen, GFP_KERNEL);
+		len = strnlen(src, maxlen);
+		len++;
+		dst = kmalloc(len, GFP_KERNEL);
+		if (!dst)
+			return NULL;
+		strlcpy(dst, src, len);
 	}
 
 	return dst;
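Review bot: The restored `strlcpy(dst, src, len)` in the else branch brings back the unbounded read of `src`. strlcpy() computes strlen(src) for its return value, so when `src` has no NUL within `maxlen` bytes it keeps reading past the limit that `strnlen(src, maxlen)` just enforced. If kstrndup() is what regressed, a bounded copy such as `memcpy(dst, src, len - 1)` followed by `dst[len - 1] = '\0'` on the kmalloc'd buffer would keep the read inside `maxlen`. The commit message should also say what the regression is and how it was reproduced, since "causes a regression" alone does not let a reviewer judge whether a full revert is needed. The re-indentation of the `NO_MAP_UNI_RSVD` continuation line is only a side effect of the revert and carries no functional change.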
-- 
2.34.1



