mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-13 14:14:37 +00:00
ksmbd: Fix read on the uninitialized pointer sess
There is a error handling case that passes control to label out_err without pointer sess being assigned a value. The unassigned pointer may be any garbage value and so the test of rc < 0 && sess maybe true leading to sess being passed to the call to ksmbd_session_destroy. Fix this by setting sess to NULL in this corner case. Addresses-Coverity: ("Uninitialized pointer read") Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com>
This commit is contained in:
parent
465d720485
commit
4951a84f61
1 changed files with 1 additions and 0 deletions
|
@ -1615,6 +1615,7 @@ int smb2_sess_setup(struct ksmbd_work *work)
|
||||||
} else if ((conn->dialect < SMB30_PROT_ID ||
|
} else if ((conn->dialect < SMB30_PROT_ID ||
|
||||||
server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) &&
|
server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) &&
|
||||||
(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
|
(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) {
|
||||||
|
sess = NULL;
|
||||||
rc = -EACCES;
|
rc = -EACCES;
|
||||||
goto out_err;
|
goto out_err;
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in a new issue