Patch "ksmbd: fix passing freed memory 'aux_payload_buf'" has been added to the 6.1-stable tree

[Sasha Levin <sashal@xxxxxxxxxx>]

This is a note to let you know that I've just added the patch titled

    ksmbd: fix passing freed memory 'aux_payload_buf'

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ksmbd-fix-passing-freed-memory-aux_payload_buf.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit af50bb43ac3da04dad814a1f4b9c5348a59938d5
Author: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Date:   Sun Dec 31 16:13:01 2023 +0900

    ksmbd: fix passing freed memory 'aux_payload_buf'
    
    [ Upstream commit 59d8d24f4610333560cf2e8fe3f44cafe30322eb ]
    
    The patch e2b76ab8b5c9: "ksmbd: add support for read compound" leads
    to the following Smatch static checker warning:
    
      fs/smb/server/smb2pdu.c:6329 smb2_read()
            warn: passing freed memory 'aux_payload_buf'
    
    It doesn't matter that we're passing a freed variable because nbytes is
    zero. This patch set "aux_payload_buf = NULL" to make smatch silence.
    
    Fixes: e2b76ab8b5c9 ("ksmbd: add support for read compound")
    Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
    Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
    Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c
index b81a38803b40d..42697ea86d47b 100644
--- a/fs/smb/server/smb2pdu.c
+++ b/fs/smb/server/smb2pdu.c
@@ -6312,7 +6312,7 @@ int smb2_read(struct ksmbd_work *work)
 						      aux_payload_buf,
 						      nbytes);
 		kvfree(aux_payload_buf);
-
+		aux_payload_buf = NULL;
 		nbytes = 0;
 		if (remain_bytes < 0) {
 			err = (int)remain_bytes;