Unverified Commit c372a428 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!1254 Two CVE fixes of ksmbd 

Merge Pull Request from: @ci-robot 
 
PR sync from: ZhaoLong Wang <wangzhaolong1@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/OPC4G2ZQN6WR2I5ESDGY65SMYHK4IJAH/ 
CVE fixes:
CVE-2023-32255
CVE-2023-32248

*** BLURB HERE ***

Namjae Jeon (2):
  ksmbd: fix memleak in session setup
  ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()


-- 
2.31.1
 
 
Link:https://gitee.com/openeuler/kernel/pulls/1254

 

Reviewed-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
parents 2c2b4b11 c7e13590

fs/ksmbd/smb2pdu.c

+7 −0
Original line number Diff line number Diff line
@@ -1801,6 +1801,10 @@ int smb2_sess_setup(struct ksmbd_work *work) 
				}

				kfree(sess->Preauth_HashValue);

				sess->Preauth_HashValue = NULL;

			} else {

				pr_info_ratelimited("Unknown NTLMSSP message type : 0x%x\n",

						le32_to_cpu(negblob->MessageType));

				rc = -EINVAL;

			}

		} else {

			/* TODO: need one more negotiation */
@@ -4863,6 +4867,9 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work, 
	int rc = 0, len;

	int fs_infoclass_size = 0;



	if (!share->path)

		return -EIO;



	rc = kern_path(share->path, LOOKUP_NO_SYMLINKS, &path);

	if (rc) {

		pr_err("cannot create vfs path\n");