| Message ID | 20240109133429.31752-1-pchelkin@ispras.ru (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ksmbd: free ppace array on error in parse_dacl | expand |
2024-01-09 22:34 GMT+09:00, Fedor Pchelkin <pchelkin@ispras.ru>: > Free the ppace array if one of the init_acl_state() calls inside > parse_dacl() fails. At the moment the function may fail only due to the > memory allocation errors so it's highly unlikely in this case but > nevertheless a fix is needed. > > Found by Linux Verification Center (linuxtesting.org). > > Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3") > Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru> > --- > fs/smb/server/smbacl.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/fs/smb/server/smbacl.c b/fs/smb/server/smbacl.c > index 1164365533f0..e6d0537cab49 100644 > --- a/fs/smb/server/smbacl.c > +++ b/fs/smb/server/smbacl.c > @@ -406,11 +406,14 @@ static void parse_dacl(struct mnt_idmap *idmap, > return; > > ret = init_acl_state(&acl_state, num_aces); > - if (ret) > + if (ret) { > + kfree(ppace); > return; > + } > ret = init_acl_state(&default_acl_state, num_aces); > if (ret) { > free_acl_state(&acl_state); > + kfree(ppace); > return; > } Looks good to me. But rather than this, How about moving ppace allocation here ? Thanks for your patch. > > -- > 2.43.0 > >
diff --git a/fs/smb/server/smbacl.c b/fs/smb/server/smbacl.c index 1164365533f0..e6d0537cab49 100644 --- a/fs/smb/server/smbacl.c +++ b/fs/smb/server/smbacl.c @@ -406,11 +406,14 @@ static void parse_dacl(struct mnt_idmap *idmap, return; ret = init_acl_state(&acl_state, num_aces); - if (ret) + if (ret) { + kfree(ppace); return; + } ret = init_acl_state(&default_acl_state, num_aces); if (ret) { free_acl_state(&acl_state); + kfree(ppace); return; }
Free the ppace array if one of the init_acl_state() calls inside parse_dacl() fails. At the moment the function may fail only due to the memory allocation errors so it's highly unlikely in this case but nevertheless a fix is needed. Found by Linux Verification Center (linuxtesting.org). Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3") Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru> --- fs/smb/server/smbacl.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)