From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Dan Carpenter <dan.carpenter@oracle.com>,
Namjae Jeon <linkinjeon@kernel.org>,
Steve French <stfrench@microsoft.com>
Subject: [PATCH 5.15 099/128] ksmbd: fix uninitialized symbol pntsd_size
Date: Mon, 27 Dec 2021 16:31:14 +0100 [thread overview]
Message-ID: <20211227151334.828936587@linuxfoundation.org> (raw)
In-Reply-To: <20211227151331.502501367@linuxfoundation.org>
From: Namjae Jeon <linkinjeon@kernel.org>
commit f2e78affc48dee29b989c1d9b0d89b503dcd1204 upstream.
No check for if "rc" is an error code for build_sec_desc().
This can cause problems with using uninitialized pntsd_size.
Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Cc: stable@vger.kernel.org # v5.15
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/ksmbd/smb2pdu.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2964,6 +2964,10 @@ int smb2_open(struct ksmbd_work *work)
&pntsd_size, &fattr);
posix_acl_release(fattr.cf_acls);
posix_acl_release(fattr.cf_dacls);
+ if (rc) {
+ kfree(pntsd);
+ goto err_out;
+ }
rc = ksmbd_vfs_set_sd_xattr(conn,
user_ns,
next prev parent reply other threads:[~2021-12-27 15:51 UTC|newest]
Thread overview: 138+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-27 15:29 [PATCH 5.15 000/128] 5.15.12-rc1 review Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 001/128] arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 002/128] net: usb: lan78xx: add Allied Telesis AT29M2-AF Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 003/128] ext4: prevent partial update of the extent blocks Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 004/128] ext4: check for out-of-order index extents in ext4_valid_extent_entries() Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 005/128] ext4: check for inconsistent extents between index and leaf block Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 006/128] selftests: KVM: Fix non-x86 compiling Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 007/128] HID: holtek: fix mouse probing Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 008/128] HID: potential dereference of null pointer Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 009/128] NFSD: Fix READDIR buffer overflow Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 010/128] PM: sleep: Fix error handling in dpm_prepare() Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 011/128] arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 012/128] bus: sunxi-rsb: Fix shutdown Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 013/128] spi: change clk_disable_unprepare to clk_unprepare Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 014/128] ucounts: Fix rlimit max values check Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 015/128] drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 016/128] ASoC: meson: aiu: fifo: Add missing dma_coerce_mask_and_coherent() Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 017/128] RDMA/hns: Fix RNR retransmission issue for HIP08 Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 018/128] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 019/128] RDMA/hns: Replace kfree() with kvfree() Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 020/128] netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy() Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 021/128] netfilter: fix regression in looped (broad|multi)casts MAC handling Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 022/128] ARM: dts: imx6qdl-wandboard: Fix Ethernet support Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 023/128] ice: Use xdp_buf instead of rx_buf for xsk zero-copy Greg Kroah-Hartman
2021-12-27 15:29 ` [PATCH 5.15 024/128] ice: xsk: return xsk buffers back to pool when cleaning the ring Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 025/128] net: marvell: prestera: fix incorrect return of port_find Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 026/128] net: marvell: prestera: fix incorrect structure access Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 027/128] qlcnic: potential dereference null pointer of rx_queue->page_ring Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 028/128] tcp: move inet->rx_dst_ifindex to sk->sk_rx_dst_ifindex Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 029/128] ipv6: move inet6_sk(sk)->rx_dst_cookie to sk->sk_rx_dst_cookie Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 030/128] inet: fully convert sk->sk_rx_dst to RCU rules Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 031/128] net: accept UFOv6 packages in virtio_net_hdr_to_skb Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 032/128] net: skip virtio_net_hdr_set_proto if protocol already set Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 033/128] igb: fix deadlock caused by taking RTNL in RPM resume path Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 034/128] ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 035/128] gpio: virtio: remove timeout Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 036/128] bonding: fix ad_actor_system option setting to default Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 037/128] fjes: Check for error irq Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 038/128] drivers: net: smc911x: " Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 039/128] net: ks8851: " Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 040/128] sfc: Check null pointer of rx_queue->page_ring Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 041/128] sfc: falcon: " Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 042/128] asix: fix uninit-value in asix_mdio_read() Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 043/128] asix: fix wrong return value in asix_check_host_enable() Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 044/128] io_uring: zero iocb->ki_pos for stream file types Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 045/128] veth: ensure skb entering GRO are not cloned Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 046/128] net: stmmac: ptp: fix potentially overflowing expression Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 047/128] net: bridge: Use array_size() helper in copy_to_user() Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 048/128] net: bridge: fix ioctl old_deviceless bridge argument Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 049/128] r8152: fix the force speed doesnt work for RTL8156 Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 050/128] net: stmmac: dwmac-visconti: Fix value of ETHER_CLK_SEL_FREQ_SEL_2P5M Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 051/128] Input: elantech - fix stack out of bound access in elantech_change_report_id() Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 052/128] pinctrl: bcm2835: Change init order for gpio hogs Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 053/128] hwmon: (lm90) Fix usage of CONFIG2 register in detect function Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 054/128] hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 055/128] hwmon: (lm90) Introduce flag indicating extended temperature support Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 056/128] hwmon: (lm90) Add basic support for TI TMP461 Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 057/128] hwmon: (lm90) Drop critical attribute support for MAX6654 Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 058/128] ARM: 9160/1: NOMMU: Reload __secondary_data after PROCINFO_INITFUNC Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 059/128] uapi: Fix undefined __always_inline on non-glibc systems Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 060/128] compiler.h: Fix annotation macro misplacement with Clang Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 061/128] platform/x86/intel: Remove X86_PLATFORM_DRIVERS_INTEL Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 062/128] kernel/crash_core: suppress unknown crashkernel parameter warning Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 063/128] Revert "x86/boot: Pull up cmdline preparation and early param parsing" Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 064/128] x86/boot: Move EFI range reservation after cmdline parsing Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 065/128] ALSA: jack: Check the return value of kstrdup() Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 066/128] ALSA: drivers: opl3: Fix incorrect use of vp->state Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 067/128] ALSA: rawmidi - fix the uninitalized user_pversion Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 068/128] ALSA: hda/hdmi: Disable silent stream on GLK Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 069/128] ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 070/128] ALSA: hda/realtek: Add new alc285-hp-amp-init model Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 071/128] ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 072/128] ALSA: hda/realtek: Fix quirk for Clevo NJ51CU Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 073/128] ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 074/128] ASoC: tegra: Add DAPM switches for headphones and mic jack Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 075/128] ASoC: tegra: Restore headphones jack name on Nyan Big Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 076/128] Input: atmel_mxt_ts - fix double free in mxt_read_info_block Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 077/128] ipmi: bail out if init_srcu_struct fails Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 078/128] ipmi: ssif: initialize ssif_info->client early Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 079/128] ipmi: fix initialization when workqueue allocation fails Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 080/128] parisc: Correct completer in lws start Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 081/128] parisc: Fix mask used to select futex spinlock Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 082/128] tee: handle lookup of shm with reference count 0 Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 083/128] x86/pkey: Fix undefined behaviour with PKRU_WD_BIT Greg Kroah-Hartman
2021-12-27 15:30 ` [PATCH 5.15 084/128] platform/x86: amd-pmc: only use callbacks for suspend Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 085/128] platform/x86: intel_pmc_core: fix memleak on registration failure Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 086/128] KVM: x86: Always set kvm_run->if_flag Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 087/128] KVM: x86/mmu: Dont advance iterator after restart due to yielding Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 088/128] KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is required Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 089/128] KVM: VMX: Always clear vmx->fail on emulation_required Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 090/128] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this vCPU Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 091/128] pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 092/128] gpio: dln2: Fix interrupts when replugging the device Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 093/128] mmc: sdhci-tegra: Fix switch to HS400ES mode Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 094/128] mmc: meson-mx-sdhc: Set MANUAL_STOP for multi-block SDIO commands Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 095/128] mmc: core: Disable card detect during shutdown Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 096/128] mmc: mmci: stm32: clear DLYB_CR after sending tuning command Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 097/128] ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 098/128] ksmbd: fix error code in ndr_read_int32() Greg Kroah-Hartman
2021-12-27 15:31 ` Greg Kroah-Hartman [this message]
2021-12-27 15:31 ` [PATCH 5.15 100/128] ksmbd: disable SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1 Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 101/128] mac80211: fix locking in ieee80211_start_ap error path Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 102/128] mm: mempolicy: fix THP allocations escaping mempolicy restrictions Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 103/128] mm, hwpoison: fix condition in free hugetlb page path Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 104/128] mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page() Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 105/128] mm/damon/dbgfs: protect targets destructions with kdamond_lock Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 106/128] tee: optee: Fix incorrect page free bug Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 107/128] f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 108/128] netfs: fix parameter of cleanup() Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 109/128] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 110/128] arm64: dts: lx2160a: fix scl-gpios property name Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 111/128] kfence: fix memory leak when cat kfence objects Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 112/128] Input: iqs626a - prohibit inlining of channel parsing functions Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 113/128] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312 Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 114/128] Input: i8042 - enable deferred probe quirk for ASUS UM325UA Greg Kroah-Hartman
2021-12-27 15:53 ` Samuel Čavoj
2021-12-27 16:00 ` Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 115/128] Input: goodix - add id->model mapping for the "9111" model Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 116/128] ASoC: tas2770: Fix setting of high sample rates Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 117/128] ASoC: SOF: Intel: pci-tgl: add new ADL-P variant Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 118/128] ASoC: SOF: Intel: pci-tgl: add ADL-N support Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 119/128] ASoC: rt5682: fix the wrong jack type detected Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 120/128] pinctrl: mediatek: fix global-out-of-bounds issue Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 121/128] hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681 Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 122/128] hwmon: (lm90) Do not report busy status bit as alarm Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 123/128] r8152: sync ocp base Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 124/128] ax25: NPD bug when detaching AX25 device Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 125/128] hamradio: defer ax25 kfree after unregister_netdev Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 126/128] hamradio: improve the incomplete fix to avoid NPD Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 127/128] tun: avoid double free in tun_free_netdev Greg Kroah-Hartman
2021-12-27 15:31 ` [PATCH 5.15 128/128] phonet/pep: refuse to enable an unbound pipe Greg Kroah-Hartman
2021-12-27 18:32 ` [PATCH 5.15 000/128] 5.15.12-rc1 review Florian Fainelli
2021-12-28 8:01 ` Naresh Kamboju
2021-12-28 11:12 ` Rudi Heitbaum
2021-12-28 13:25 ` Sudip Mukherjee
2021-12-28 13:27 ` Jeffrin Jose T
2021-12-28 17:07 ` Guenter Roeck
2021-12-28 21:26 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211227151334.828936587@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=dan.carpenter@oracle.com \
--cc=linkinjeon@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=stfrench@microsoft.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).