[PATCH 1/2] SMB: fix leak of validate negotiate info response buffer

David Disseldorp ddiss at suse.de
Sun Oct 22 14:16:37 UTC 2017


Hi Shu Wang,

On Fri, 20 Oct 2017 22:49:58 -0400 (EDT), Shu Wang wrote:

> > --- a/fs/cifs/smb2pdu.c
> > +++ b/fs/cifs/smb2pdu.c
> > @@ -648,7 +648,7 @@ int smb3_validate_negotiate(const unsigned int xid,
> > struct cifs_tcon *tcon)
> >  {
> >  	int rc = 0;
> >  	struct validate_negotiate_info_req vneg_inbuf;
> > -	struct validate_negotiate_info_rsp *pneg_rsp;
> > +	struct validate_negotiate_info_rsp *pneg_rsp = NULL;
> >  	u32 rsplen;
> >  	u32 inbuflen; /* max of 4 dialects */
> >    
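Review bot: The "= NULL" initializer added to the pneg_rsp declaration is not motivated by anything visible in this hunk: none of the lines shown read or free the pointer before it is assigned, so the change looks unrelated to the leak named in the subject. If it is meant as a guard for a cleanup label that frees pneg_rsp, say so in the commit message or move it to a separate patch so the leak fix stays minimal; otherwise drop it.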
> 
> SMB2_ioctl will set pneg_rsp pointer to NULL, so it won't really
> cause any issue. Anyway, looks good to me.

Yeah, this hunk is unnecessary, but thought it might be helpful if
someone in future wants to jump to the error path prior to the
SMB2_ioctl() call. @Steve: feel free to drop it if you prefer.

Cheers, David


