| Message ID | 20171010230138.31832-1-lsahlber@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
probably should cc stable ... On Tue, Oct 10, 2017 at 6:01 PM, Ronnie Sahlberg <lsahlber@redhat.com> wrote: > Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> > --- > fs/cifs/smb2pdu.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index 6f0e6343c15e..6ff4c275ca9a 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -1255,7 +1255,7 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree, > struct smb2_tree_connect_req *req; > struct smb2_tree_connect_rsp *rsp = NULL; > struct kvec iov[2]; > - struct kvec rsp_iov; > + struct kvec rsp_iov = { NULL, 0 }; > int rc = 0; > int resp_buftype; > int unc_path_len; > @@ -1315,6 +1315,8 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree, > rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, flags, &rsp_iov); > cifs_small_buf_release(req); > rsp = (struct smb2_tree_connect_rsp *)rsp_iov.iov_base; > + if (rsp == NULL) > + goto tcon_exit; > > if (rc != 0) { > if (tcon) { > -- > 2.13.3 >
Wah! I believe we worked on the exact same bug. I was just about to send a similar patch (coming up). The difference is the code still goes thru the block that sets the reconnect flag, which we should do I think. > rsp = (struct smb2_tree_connect_rsp *)rsp_iov.iov_base; > > if (rc != 0) { > if (tcon) { > cifs_stats_fail_inc(tcon, SMB2_TREE_CONNECT_HE); > tcon->need_reconnect = true; > } > goto tcon_error_exit; > } this block ^^^^^
merged into cifs-2.6.git for-next and cc: stable On Tue, Oct 10, 2017 at 6:01 PM, Ronnie Sahlberg <lsahlber@redhat.com> wrote: > Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> > --- > fs/cifs/smb2pdu.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index 6f0e6343c15e..6ff4c275ca9a 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -1255,7 +1255,7 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree, > struct smb2_tree_connect_req *req; > struct smb2_tree_connect_rsp *rsp = NULL; > struct kvec iov[2]; > - struct kvec rsp_iov; > + struct kvec rsp_iov = { NULL, 0 }; > int rc = 0; > int resp_buftype; > int unc_path_len; > @@ -1315,6 +1315,8 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree, > rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, flags, &rsp_iov); > cifs_small_buf_release(req); > rsp = (struct smb2_tree_connect_rsp *)rsp_iov.iov_base; > + if (rsp == NULL) > + goto tcon_exit; > > if (rc != 0) { > if (tcon) { > -- > 2.13.3 >
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 6f0e6343c15e..6ff4c275ca9a 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -1255,7 +1255,7 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree, struct smb2_tree_connect_req *req; struct smb2_tree_connect_rsp *rsp = NULL; struct kvec iov[2]; - struct kvec rsp_iov; + struct kvec rsp_iov = { NULL, 0 }; int rc = 0; int resp_buftype; int unc_path_len; @@ -1315,6 +1315,8 @@ SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree, rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, flags, &rsp_iov); cifs_small_buf_release(req); rsp = (struct smb2_tree_connect_rsp *)rsp_iov.iov_base; + if (rsp == NULL) + goto tcon_exit; if (rc != 0) { if (tcon) {
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> --- fs/cifs/smb2pdu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)