linux-cifs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] cifs: fix handle leak in smb2_query_symlink()
@ 2019-04-09 21:47 Ronnie Sahlberg
  2019-04-09 22:06 ` Pavel Shilovsky
  0 siblings, 1 reply; 2+ messages in thread
From: Ronnie Sahlberg @ 2019-04-09 21:47 UTC (permalink / raw)
  To: linux-cifs; +Cc: Steve French, Stable, Ronnie Sahlberg

If we enter smb2_query_symlink() for something that is not a symlink
and where the SMB2_open() would succeed we would never end up
closing this handle and would thus leak a handle on the server.

Fix this by immediately calling SMB2_close() on successfull open.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
---
 fs/cifs/smb2ops.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 83a100dd2497..ab4737e3c31f 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -2397,6 +2397,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
 
 	rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
 		       &resp_buftype);
+	if (!rc)
+		SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
 	if (!rc || !err_iov.iov_base) {
 		rc = -ENOENT;
 		goto free_path;
-- 
2.13.6


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] cifs: fix handle leak in smb2_query_symlink()
  2019-04-09 21:47 [PATCH] cifs: fix handle leak in smb2_query_symlink() Ronnie Sahlberg
@ 2019-04-09 22:06 ` Pavel Shilovsky
  0 siblings, 0 replies; 2+ messages in thread
From: Pavel Shilovsky @ 2019-04-09 22:06 UTC (permalink / raw)
  To: Ronnie Sahlberg; +Cc: linux-cifs, Steve French, Stable

вт, 9 апр. 2019 г. в 14:47, Ronnie Sahlberg <lsahlber@redhat.com>:
>
> If we enter smb2_query_symlink() for something that is not a symlink
> and where the SMB2_open() would succeed we would never end up
> closing this handle and would thus leak a handle on the server.
>
> Fix this by immediately calling SMB2_close() on successfull open.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> CC: Stable <stable@vger.kernel.org>
> ---
>  fs/cifs/smb2ops.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
> index 83a100dd2497..ab4737e3c31f 100644
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -2397,6 +2397,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
>
>         rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
>                        &resp_buftype);
> +       if (!rc)
> +               SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
>         if (!rc || !err_iov.iov_base) {
>                 rc = -ENOENT;
>                 goto free_path;
> --
> 2.13.6
>

Looks good.

Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>

--
Best regards,
Pavel Shilovsky

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-04-09 22:06 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-09 21:47 [PATCH] cifs: fix handle leak in smb2_query_symlink() Ronnie Sahlberg
2019-04-09 22:06 ` Pavel Shilovsky

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).