]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d9d1e31)
smb: client: Don't log plaintext credentials in cifs_set_cifscreds
authorThorsten Blum <thorsten.blum@linux.dev>
Thu, 26 Feb 2026 21:28:45 +0000 (22:28 +0100)
committerSteve French <stfrench@microsoft.com>
Fri, 27 Feb 2026 00:17:20 +0000 (18:17 -0600)
When debug logging is enabled, cifs_set_cifscreds() logs the key
payload and exposes the plaintext username and password. Remove the
debug log to avoid exposing credentials.

Fixes: 8a8798a5ff90 ("cifs: fetch credentials out of keyring for non-krb5 auth multiuser mounts")
Cc: stable@vger.kernel.org
Acked-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/smb/client/connect.c patch | blob | blame | history

diff --git a/fs/smb/client/connect.c b/fs/smb/client/connect.c
index 87686c804057f620398ec2528abbfce1d0524687..4c34d9603e0533f61c93524517f3e6e20b3fe01d 100644 (file)
--- a/fs/smb/client/connect.c
+++ b/fs/smb/client/connect.c
@@ -2236,7 +2236,6 @@ cifs_set_cifscreds(struct smb3_fs_context *ctx, struct cifs_ses *ses)
        /* find first : in payload */
        payload = upayload->data;
        delim = strnchr(payload, upayload->datalen, ':');
-       cifs_dbg(FYI, "payload=%s\n", payload);
        if (!delim) {
                cifs_dbg(FYI, "Unable to find ':' in payload (datalen=%d)\n",
                         upayload->datalen);
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git