mirror of
https://github.com/torvalds/linux.git
synced 2026-05-13 00:28:54 +02:00
a74668eb2c
Non-pipe shares must have a duplicated backing path before they can be
published. share_config_request() currently calls kstrndup() for that
path, but if the allocation fails it leaves ret unchanged. If veto list
parsing succeeds and share->name exists, the partially built share is
still inserted into the global share table with share->path left NULL.
A later share-root SMB2 create uses tree_conn->share_conf->path as the
lookup root. If the share was published with path == NULL, that request
passes a NULL pathname into do_getname_kernel()/strlen() and can crash
the ksmbd worker.
Set ret = -ENOMEM when path duplication fails so the incomplete share is
destroyed before publication.
Fixes:
|
||
|---|---|---|
| .. | ||
| ksmbd_ida.c | ||
| ksmbd_ida.h | ||
| share_config.c | ||
| share_config.h | ||
| tree_connect.c | ||
| tree_connect.h | ||
| user_config.c | ||
| user_config.h | ||
| user_session.c | ||
| user_session.h | ||