2024-01-09 22:34 GMT+09:00, Fedor Pchelkin <pchelkin@xxxxxxxxx>: > Free the ppace array if one of the init_acl_state() calls inside > parse_dacl() fails. At the moment the function may fail only due to the > memory allocation errors so it's highly unlikely in this case but > nevertheless a fix is needed. > > Found by Linux Verification Center (linuxtesting.org). > > Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3") > Signed-off-by: Fedor Pchelkin <pchelkin@xxxxxxxxx> > --- > fs/smb/server/smbacl.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/fs/smb/server/smbacl.c b/fs/smb/server/smbacl.c > index 1164365533f0..e6d0537cab49 100644 > --- a/fs/smb/server/smbacl.c > +++ b/fs/smb/server/smbacl.c > @@ -406,11 +406,14 @@ static void parse_dacl(struct mnt_idmap *idmap, > return; > > ret = init_acl_state(&acl_state, num_aces); > - if (ret) > + if (ret) { > + kfree(ppace); > return; > + } > ret = init_acl_state(&default_acl_state, num_aces); > if (ret) { > free_acl_state(&acl_state); > + kfree(ppace); > return; > } Looks good to me. But rather than this, how about moving ppace allocation here? Thanks for your patch. > > -- > 2.43.0 > >
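Review bot: In the parse_dacl() hunk, kfree(ppace) is now repeated in both init_acl_state() failure branches, which makes it easy for a later error path to miss the same cleanup. Neither init_acl_state() call shown takes ppace as an argument, so consider allocating ppace only after both calls have succeeded; these two branches would then need no extra cleanup. Otherwise, route both failures through a single cleanup label. In the second branch, free_acl_state(&acl_state) followed by kfree(ppace) covers both resources. The allocation itself and the later exits of the function are outside the visible context, so confirm that every remaining return path releases ppace as well.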