diff mbox series

[12/12] smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()

Message ID 20240402193404.236159-12-pc@manguebit.com
State New
Headers show
Series [01/12] smb: client: fix potential UAF in cifs_debug_files_proc_show() | expand

Commit Message

Paulo Alcantara April 2, 2024, 7:34 p.m. UTC 
Skip sessions that are being teared down (status == SES_EXITING) to
avoid UAF.

Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.com>
---
 fs/smb/client/connect.c | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/fs/smb/client/connect.c b/fs/smb/client/connect.c
index 95e4bda4fd51..85679ae106fd 100644
--- a/fs/smb/client/connect.c
+++ b/fs/smb/client/connect.c
@@ -175,6 +175,8 @@  cifs_signal_cifsd_for_reconnect(struct TCP_Server_Info *server,
 
 	spin_lock(&cifs_tcp_ses_lock);
 	list_for_each_entry(ses, &pserver->smb_ses_list, smb_ses_list) {
+		if (cifs_ses_exiting(ses))
+			continue;
 		spin_lock(&ses->chan_lock);
 		for (i = 0; i < ses->chan_count; i++) {
 			if (!ses->chans[i].server)