This is a note to let you know that I've just added the patch titled

    cifs: fix memory leak in smb2_copychunk_range

to the 4.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    cifs-fix-memory-leak-in-smb2_copychunk_range.patch
and it can be found in the queue-4.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

From d201d7631ca170b038e7f8921120d05eec70d7c5 Mon Sep 17 00:00:00 2001
From: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
Date: Wed, 19 May 2021 08:40:11 +1000
Subject: cifs: fix memory leak in smb2_copychunk_range

From: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>

commit d201d7631ca170b038e7f8921120d05eec70d7c5 upstream.

When using smb2_copychunk_range() for large ranges we will
run through several iterations of a loop calling SMB2_ioctl()
but never actually free the returned buffer except for the final
iteration.
This leads to memory leaks every time a large copychunk is requested.

Fixes: 9bf0c9cd4314 ("CIFS: Fix SMB2/SMB3 Copy offload support (refcopy) for large files")
Cc: <stable@xxxxxxxxxxxxxxx>
Reviewed-by: Aurelien Aptel <aaptel@xxxxxxxx>
Signed-off-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 fs/cifs/smb2ops.c | 2 ++
 1 file changed, 2 insertions(+)

--- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c
@@ -885,6 +885,8 @@ smb2_copychunk_range(const unsigned int cpu_to_le32(min_t(u32, len, tcon->max_bytes_chunk)); /* Request server copy to target from src identified by key */ + kfree(retbuf); + retbuf = NULL; rc = SMB2_ioctl(xid, tcon, trgtfile->fid.persistent_fid, trgtfile->fid.volatile_fid, FSCTL_SRV_COPYCHUNK_WRITE, true /* is_fsctl */, false /* use_ipc */, Patches currently in stable-queue which might be from lsahlber@xxxxxxxxxx are queue-4.14/cifs-fix-memory-leak-in-smb2_copychunk_range.patch
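Review bot: In the smb2_copychunk_range() hunk, the two added lines sit between the existing comment "/* Request server copy to target from src identified by key */" and the SMB2_ioctl() call that comment describes, so the comment now reads as if it documents the kfree(). Consider moving "kfree(retbuf); retbuf = NULL;" above that comment and giving it a short comment of its own saying it releases the response buffer left over from the previous loop iteration. That comment could also record why the pointer is reset: the commit message says the buffer from the final iteration is already freed, so without "retbuf = NULL" an iteration that ends without a fresh buffer being stored would leave a stale pointer for that later free. The rest of the SMB2_ioctl() argument list is cut off in the visible context, so it is worth confirming that retbuf is only ever written by this call inside the loop.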