ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths

author Namjae Jeon <linkinjeon@kernel.org>

Sat, 24 Jan 2026 01:55:46 +0000 (10:55 +0900)

committer Steve French <stfrench@microsoft.com>

Mon, 9 Feb 2026 02:24:11 +0000 (20:24 -0600)
author Namjae Jeon <linkinjeon@kernel.org>
Sat, 24 Jan 2026 01:55:46 +0000 (10:55 +0900)
committer Steve French <stfrench@microsoft.com>
Mon, 9 Feb 2026 02:24:11 +0000 (20:24 -0600)
diff --git a/fs/smb/server/server.c b/fs/smb/server/server.c

index 554ae90df906dbf11d53c5baa62711b2e1c4afaa..d2410a3f163aec875b316e0602143c35d6a262a0 100644 (file)
--- a/fs/smb/server/server.c
+++ b/fs/smb/server/server.c
@@ -126,21 +126,21 @@ static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
  andx_again:
         if (command >= conn->max_cmds) {
                 conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER);
-               return SERVER_HANDLER_CONTINUE;
+               return SERVER_HANDLER_ABORT;
         }
  
         cmds = &conn->cmds[command];
         if (!cmds->proc) {
                 ksmbd_debug(SMB, "*** not implemented yet cmd = %x\n", command);
                 conn->ops->set_rsp_status(work, STATUS_NOT_IMPLEMENTED);
-               return SERVER_HANDLER_CONTINUE;
+               return SERVER_HANDLER_ABORT;
         }
  
         if (work->sess && conn->ops->is_sign_req(work, command)) {
                 ret = conn->ops->check_sign_req(work);
                 if (!ret) {
                         conn->ops->set_rsp_status(work, STATUS_ACCESS_DENIED);
-                       return SERVER_HANDLER_CONTINUE;
+                       return SERVER_HANDLER_ABORT;
                 }
         }
author	Namjae Jeon <linkinjeon@kernel.org>
	Sat, 24 Jan 2026 01:55:46 +0000 (10:55 +0900)
committer	Steve French <stfrench@microsoft.com>
	Mon, 9 Feb 2026 02:24:11 +0000 (20:24 -0600)