* [PATCH] cifs: fix handle leak in smb2_query_symlink()
@ 2019-04-09 21:47 Ronnie Sahlberg
2019-04-09 22:06 ` Pavel Shilovsky
0 siblings, 1 reply; 2+ messages in thread
From: Ronnie Sahlberg @ 2019-04-09 21:47 UTC (permalink / raw)
To: linux-cifs; +Cc: Steve French, Stable, Ronnie Sahlberg
If we enter smb2_query_symlink() for something that is not a symlink
and where the SMB2_open() would succeed we would never end up
closing this handle and would thus leak a handle on the server.
Fix this by immediately calling SMB2_close() on successfull open.
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
---
fs/cifs/smb2ops.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 83a100dd2497..ab4737e3c31f 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -2397,6 +2397,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
&resp_buftype);
+ if (!rc)
+ SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
if (!rc || !err_iov.iov_base) {
rc = -ENOENT;
goto free_path;
--
2.13.6
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] cifs: fix handle leak in smb2_query_symlink()
2019-04-09 21:47 [PATCH] cifs: fix handle leak in smb2_query_symlink() Ronnie Sahlberg
@ 2019-04-09 22:06 ` Pavel Shilovsky
0 siblings, 0 replies; 2+ messages in thread
From: Pavel Shilovsky @ 2019-04-09 22:06 UTC (permalink / raw)
To: Ronnie Sahlberg; +Cc: linux-cifs, Steve French, Stable
вт, 9 апр. 2019 г. в 14:47, Ronnie Sahlberg <lsahlber@redhat.com>:
>
> If we enter smb2_query_symlink() for something that is not a symlink
> and where the SMB2_open() would succeed we would never end up
> closing this handle and would thus leak a handle on the server.
>
> Fix this by immediately calling SMB2_close() on successfull open.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> CC: Stable <stable@vger.kernel.org>
> ---
> fs/cifs/smb2ops.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
> index 83a100dd2497..ab4737e3c31f 100644
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -2397,6 +2397,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
>
> rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
> &resp_buftype);
> + if (!rc)
> + SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
> if (!rc || !err_iov.iov_base) {
> rc = -ENOENT;
> goto free_path;
> --
> 2.13.6
>
Looks good.
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
--
Best regards,
Pavel Shilovsky
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-04-09 22:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-09 21:47 [PATCH] cifs: fix handle leak in smb2_query_symlink() Ronnie Sahlberg
2019-04-09 22:06 ` Pavel Shilovsky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).