вт, 9 апр. 2019 г. в 14:47, Ronnie Sahlberg <lsahlber@xxxxxxxxxx>:
>
> If we enter smb2_query_symlink() for something that is not a symlink
> and where the SMB2_open() would succeed we would never end up
> closing this handle and would thus leak a handle on the server.
>
> Fix this by immediately calling SMB2_close() on successfull open.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
> CC: Stable <stable@xxxxxxxxxxxxxxx>
> ---
> fs/cifs/smb2ops.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
> index 83a100dd2497..ab4737e3c31f 100644
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -2397,6 +2397,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
>
> rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
> &resp_buftype);
> + if (!rc)
> + SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
> if (!rc || !err_iov.iov_base) {
> rc = -ENOENT;
> goto free_path;
> --
> 2.13.6
>
Looks good.
Reviewed-by: Pavel Shilovsky <pshilov@xxxxxxxxxxxxx>
--
Best regards,
Pavel Shilovsky
