cifs: fix handle leak in smb2_query_symlink() [Linux 3.16.72]

The Linux kernel change "cifs: fix handle leak in smb2_query_symlink()" is included in the Linux 3.16.72 release. It was authored by Ronnie Sahlberg <lsahlber [at] redhat.com> on Wed Apr 10 07:47:22 2019 +1000. The commit for this change in the Linux stable tree is 3a1cc3e, which comes from upstream commit e6d0fb7. The same upstream change may have been applied to other maintained Linux releases.

cifs: fix handle leak in smb2_query_symlink()

commit e6d0fb7b34f264f72c33053558a360a6a734905e upstream.

If we enter smb2_query_symlink() for something that is not a symlink
and where the SMB2_open() would succeed we would never end up
closing this handle and would thus leak a handle on the server.

Fix this by immediately calling SMB2_close() on successful open.

Signed-off-by: Ronnie Sahlberg <[email protected]>
Signed-off-by: Steve French <[email protected]>
Reviewed-by: Pavel Shilovsky <[email protected]>
[bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings <[email protected]>

This change adds or deletes 2 lines of Linux source code. The code changes to the Linux kernel are as follows.

 fs/cifs/smb2ops.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 376ccd9..d95a547 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -906,6 +906,8 @@

    rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_buf);

+   if (!rc)
+       SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
    if (!rc || !err_buf) {
        kfree(utf16_path);
        return -ENOENT;
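
Review bot: the added `if (!rc)` branch carries no comment saying why a successful SMB2_open() is the failure case here, and the return value of SMB2_close() is dropped without a word. From the visible lines, `!rc` means the open worked and the function still returns -ENOENT, so the close is pure cleanup of a handle the caller never wanted; a one-line comment above the new test (for example, that the target is not a symlink and the handle must not be left open on the server) would make that intent clear to the next reader. It would also read more cleanly to fold the close into the existing `if (!rc || !err_buf)` block rather than testing `!rc` twice in a row, and if a failed close is worth knowing about, a debug-level log of its return code there would help when diagnosing server-side handle exhaustion.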
