cifs: fix handle leak in smb2_query_symlink()
diff mbox series

Message ID 20190409214722.27472-1-lsahlber@redhat.com
State New
Headers show
Series
  • cifs: fix handle leak in smb2_query_symlink()
Related show

Commit Message

Ronnie Sahlberg April 9, 2019, 9:47 p.m. UTC
If we enter smb2_query_symlink() for something that is not a symlink
and where the SMB2_open() would succeed we would never end up
closing this handle and would thus leak a handle on the server.

Fix this by immediately calling SMB2_close() on successfull open.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
---
 fs/cifs/smb2ops.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Pavel Shilovsky April 9, 2019, 10:06 p.m. UTC | #1
вт, 9 апр. 2019 г. в 14:47, Ronnie Sahlberg <lsahlber@redhat.com>:
>
> If we enter smb2_query_symlink() for something that is not a symlink
> and where the SMB2_open() would succeed we would never end up
> closing this handle and would thus leak a handle on the server.
>
> Fix this by immediately calling SMB2_close() on successfull open.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> CC: Stable <stable@vger.kernel.org>
> ---
>  fs/cifs/smb2ops.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
> index 83a100dd2497..ab4737e3c31f 100644
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -2397,6 +2397,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
>
>         rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
>                        &resp_buftype);
> +       if (!rc)
> +               SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
>         if (!rc || !err_iov.iov_base) {
>                 rc = -ENOENT;
>                 goto free_path;
> --
> 2.13.6
>

Looks good.

Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>

--
Best regards,
Pavel Shilovsky

Patch
diff mbox series

diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 83a100dd2497..ab4737e3c31f 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -2397,6 +2397,8 @@  smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
 
 	rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
 		       &resp_buftype);
+	if (!rc)
+		SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
 	if (!rc || !err_iov.iov_base) {
 		rc = -ENOENT;
 		goto free_path;