Skip to content

Commit 0289a91

Browse files
committed
ksmbd: fix memory leak in smb2_handle_negotiate
The allocated memory didn't free under an error path in smb2_handle_negotiate(). Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-17815 Reviewed-by: Hyunchul Lee <hyc.lee@gmail.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
1 parent 084dfd5 commit 0289a91

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

smb2pdu.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1149,12 +1149,16 @@ int smb2_handle_negotiate(struct ksmbd_work *work)
11491149
status);
11501150
rsp->hdr.Status = status;
11511151
rc = -EINVAL;
1152+
kfree(conn->preauth_info);
1153+
conn->preauth_info = NULL;
11521154
goto err_out;
11531155
}
11541156

11551157
rc = init_smb3_11_server(conn);
11561158
if (rc < 0) {
11571159
rsp->hdr.Status = STATUS_INVALID_PARAMETER;
1160+
kfree(conn->preauth_info);
1161+
conn->preauth_info = NULL;
11581162
goto err_out;
11591163
}
11601164

0 commit comments

Comments
 (0)