4.4-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 24 May 2021 09:00:03 +0000 (11:00 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 24 May 2021 09:00:03 +0000 (11:00 +0200)
added patches:
cifs-fix-memory-leak-in-smb2_copychunk_range.patch

queue-4.4/cifs-fix-memory-leak-in-smb2_copychunk_range.patch [new file with mode: 0644]
queue-4.4/series

diff --git a/queue-4.4/cifs-fix-memory-leak-in-smb2_copychunk_range.patch b/queue-4.4/cifs-fix-memory-leak-in-smb2_copychunk_range.patch
new file mode 100644 (file)
index 0000000..653de00
--- /dev/null
@@ -0,0 +1,36 @@
+From d201d7631ca170b038e7f8921120d05eec70d7c5 Mon Sep 17 00:00:00 2001
+From: Ronnie Sahlberg <lsahlber@redhat.com>
+Date: Wed, 19 May 2021 08:40:11 +1000
+Subject: cifs: fix memory leak in smb2_copychunk_range
+
+From: Ronnie Sahlberg <lsahlber@redhat.com>
+
+commit d201d7631ca170b038e7f8921120d05eec70d7c5 upstream.
+
+When using smb2_copychunk_range() for large ranges we will
+run through several iterations of a loop calling SMB2_ioctl()
+but never actually free the returned buffer except for the final
+iteration.
+This leads to memory leaks everytime a large copychunk is requested.
+
+Fixes: 9bf0c9cd4314 ("CIFS: Fix SMB2/SMB3 Copy offload support (refcopy) for large files")
+Cc: <stable@vger.kernel.org>
+Reviewed-by: Aurelien Aptel <aaptel@suse.com>
+Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/cifs/smb2ops.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/fs/cifs/smb2ops.c
++++ b/fs/cifs/smb2ops.c
+@@ -619,6 +619,8 @@ smb2_clone_range(const unsigned int xid,
+                       cpu_to_le32(min_t(u32, len, tcon->max_bytes_chunk));
+               /* Request server copy to target from src identified by key */
++              kfree(retbuf);
++              retbuf = NULL;
+               rc = SMB2_ioctl(xid, tcon, trgtfile->fid.persistent_fid,
+                       trgtfile->fid.volatile_fid, FSCTL_SRV_COPYCHUNK_WRITE,
+                       true /* is_fsctl */, (char *)pcchunk,
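Review bot: The added `kfree(retbuf);` / `retbuf = NULL;` pair sits between the comment "Request server copy to target from src identified by key" and the `SMB2_ioctl()` call that comment describes, so the comment now appears to document the free. I would move the two lines above that comment and give them their own, for example `/* free the previous chunk's response; reset to NULL so the final kfree cannot see a stale pointer */`. The reset matters for memory safety: the commit message says the buffer is still freed after the final iteration, so without it a failing `SMB2_ioctl()` that does not store a new buffer would leave the already-freed pointer for that later free. Whether `SMB2_ioctl()` leaves `retbuf` untouched on failure, and whether `retbuf` starts as NULL before the loop, cannot be seen here because the body of `smb2_clone_range` begins and ends outside the hunk. Both are worth confirming against the 4.4 tree, where the function still has this name rather than the `smb2_copychunk_range` used in the subject.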
index 10780d80075d46d863c1722c75ef6b94270f6023..cfbf4b15f303c83607352c948e6354332ab57f4b 100644 (file)
@@ -1,3 +1,4 @@
 openrisc-fix-a-memory-leak.patch
 scsi-qla2xxx-fix-error-return-code-in-qla82xx_write_.patch
 ptrace-make-ptrace-fail-if-the-tracee-changed-its-pi.patch
+cifs-fix-memory-leak-in-smb2_copychunk_range.patch