| Message ID | 20211124014511.12510-1-linkinjeon@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ksmbd: fix memleak in get_file_stream_info() | expand |
2021년 11월 24일 (수) 오후 1:46, Namjae Jeon <linkinjeon@kernel.org>님이 작성: > > Fix memleak in get_file_stream_info() > > Fixes: 34061d6b76a4 ("ksmbd: validate OutputBufferLength of QUERY_DIR, QUERY_INFO, IOCTL requests") > Cc: stable@vger.kernel.org # v5.15 > Reported-by: Coverity Scan <scan-admin@coverity.com> > Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> > --- Acked-by: Hyunchul Lee <hyc.lee@gmail.com> > fs/ksmbd/smb2pdu.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c > index 2067d5bab1b0..c70972b49da8 100644 > --- a/fs/ksmbd/smb2pdu.c > +++ b/fs/ksmbd/smb2pdu.c > @@ -4496,8 +4496,10 @@ static void get_file_stream_info(struct ksmbd_work *work, > ":%s", &stream_name[XATTR_NAME_STREAM_LEN]); > > next = sizeof(struct smb2_file_stream_info) + streamlen * 2; > - if (next > buf_free_len) > + if (next > buf_free_len) { > + kfree(stream_buf); > break; > + } > > file_info = (struct smb2_file_stream_info *)&rsp->Buffer[nbytes]; > streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName, > -- > 2.25.1 >
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index 2067d5bab1b0..c70972b49da8 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -4496,8 +4496,10 @@ static void get_file_stream_info(struct ksmbd_work *work, ":%s", &stream_name[XATTR_NAME_STREAM_LEN]); next = sizeof(struct smb2_file_stream_info) + streamlen * 2; - if (next > buf_free_len) + if (next > buf_free_len) { + kfree(stream_buf); break; + } file_info = (struct smb2_file_stream_info *)&rsp->Buffer[nbytes]; streamlen = smbConvertToUTF16((__le16 *)file_info->StreamName,
Fix memleak in get_file_stream_info() Fixes: 34061d6b76a4 ("ksmbd: validate OutputBufferLength of QUERY_DIR, QUERY_INFO, IOCTL requests") Cc: stable@vger.kernel.org # v5.15 Reported-by: Coverity Scan <scan-admin@coverity.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org> --- fs/ksmbd/smb2pdu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)