tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag '6.11-rc5-server-fixes' of git://git.samba.org/ksmbd

Pull smb server fixes from Steve French:

- query directory flex array fix

- fix potential null ptr reference in open

- fix error message in some open cases

- two minor cleanups

* tag '6.11-rc5-server-fixes' of git://git.samba.org/ksmbd:
smb/server: update misguided comment of smb2_allocate_rsp_buf()
smb/server: remove useless assignment of 'file_present' in smb2_open()
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
smb/server: fix return value of smb2_open()
ksmbd: the buffer of smb2 query dir response has at least 1 byte

Linus Torvalds 780bdc1b 48fb4b3d

+10 -10
+1 -1
fs/smb/server/oplock.c
··· 1510 1510 * parse_lease_state() - parse lease context containted in file open request 1511 1511 * @open_req: buffer containing smb2 file open(create) request 1512 1512 * 1513 - * Return: oplock state, -ENOENT if create lease context not found 1513 + * Return: allocated lease context object on success, otherwise NULL 1514 1514 */ 1515 1515 struct lease_ctx_info *parse_lease_state(void *open_req) 1516 1516 {
+9 -9
fs/smb/server/smb2pdu.c
··· 519 519 * smb2_allocate_rsp_buf() - allocate smb2 response buffer 520 520 * @work: smb work containing smb request buffer 521 521 * 522 - * Return: 0 on success, otherwise -ENOMEM 522 + * Return: 0 on success, otherwise error 523 523 */ 524 524 int smb2_allocate_rsp_buf(struct ksmbd_work *work) 525 525 { ··· 2770 2770 } 2771 2771 } 2772 2772 2773 - if (((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) || 2774 - req_op_level == SMB2_OPLOCK_LEVEL_BATCH)) { 2773 + if ((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) || 2774 + req_op_level == SMB2_OPLOCK_LEVEL_BATCH) { 2775 2775 dh_info->CreateGuid = 2776 2776 durable_v2_blob->CreateGuid; 2777 2777 dh_info->persistent = ··· 2791 2791 goto out; 2792 2792 } 2793 2793 2794 - if (((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) || 2795 - req_op_level == SMB2_OPLOCK_LEVEL_BATCH)) { 2794 + if ((lc && (lc->req_state & SMB2_LEASE_HANDLE_CACHING_LE)) || 2795 + req_op_level == SMB2_OPLOCK_LEVEL_BATCH) { 2796 2796 ksmbd_debug(SMB, "Request for durable open\n"); 2797 2797 dh_info->type = dh_idx; 2798 2798 } ··· 3096 3096 goto err_out; 3097 3097 } 3098 3098 3099 - file_present = true; 3100 3099 idmap = mnt_idmap(path.mnt); 3101 3100 } else { 3102 3101 if (rc != -ENOENT) ··· 3413 3414 goto err_out1; 3414 3415 } 3415 3416 } else { 3416 - if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) { 3417 + if (req_op_level == SMB2_OPLOCK_LEVEL_LEASE && lc) { 3417 3418 if (S_ISDIR(file_inode(filp)->i_mode)) { 3418 3419 lc->req_state &= ~SMB2_LEASE_WRITE_CACHING_LE; 3419 3420 lc->is_dir = true; ··· 3712 3713 kfree(name); 3713 3714 kfree(lc); 3714 3715 3715 - return 0; 3716 + return rc; 3716 3717 } 3717 3718 3718 3719 static int readdir_info_level_struct_sz(int info_level) ··· 4408 4409 rsp->OutputBufferLength = cpu_to_le32(0); 4409 4410 rsp->Buffer[0] = 0; 4410 4411 rc = ksmbd_iov_pin_rsp(work, (void *)rsp, 4411 - sizeof(struct smb2_query_directory_rsp)); 4412 + offsetof(struct smb2_query_directory_rsp, Buffer) 4413 + + 1); 4412 4414 if (rc) 4413 4415 goto err_out; 4414 4416 } else {