cifs: fix handle leak in smb2_query_symlink()
authorRonnie Sahlberg <lsahlber@redhat.com>
Tue, 9 Apr 2019 21:47:22 +0000 (07:47 +1000)
committerSteve French <stfrench@microsoft.com>
Tue, 16 Apr 2019 14:38:26 +0000 (09:38 -0500)
If we enter smb2_query_symlink() for something that is not a symlink
and where the SMB2_open() would succeed we would never end up
closing this handle and would thus leak a handle on the server.

Fix this by immediately calling SMB2_close() on successfull open.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
fs/cifs/smb2ops.c

index 00225e699d036c079441d53ee896e7abcdda1149..c36ff0d1fe2a8b7b2668466464fc9da9e45a774f 100644 (file)
@@ -2389,6 +2389,8 @@ smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
 
        rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
                       &resp_buftype);
+       if (!rc)
+               SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
        if (!rc || !err_iov.iov_base) {
                rc = -ENOENT;
                goto free_path;