diff options
| author | Namjae Jeon <[email protected]> | 2023-05-03 08:26:45 +0900 |
|---|---|---|
| committer | Steve French <[email protected]> | 2023-05-03 23:03:01 -0500 |
| commit | 6d7cb549c2ca20e1f07593f15e936fd54b763028 (patch) | |
| tree | f104c31c75068c9c5fb72676dfe6b621a57b10f8 | |
| parent | 1ae78a14516b9372e4c90a89ac21b259339a3a3a (diff) | |
ksmbd: fix memleak in session setup
If client send session setup request with unknown NTLMSSP message type,
session that does not included channel can be created. It will cause
session memleak. because ksmbd_sessions_deregister() does not destroy
session if channel is not included. This patch return error response if
client send the request unknown NTLMSSP message type.
Cc: [email protected]
Reported-by: [email protected] # ZDI-CAN-20593
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
| -rw-r--r-- | fs/ksmbd/smb2pdu.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index bbc9e92935fb..1d3931994a5d 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -1766,6 +1766,10 @@ int smb2_sess_setup(struct ksmbd_work *work) } kfree(sess->Preauth_HashValue); sess->Preauth_HashValue = NULL; + } else { + pr_info_ratelimited("Unknown NTLMSSP message type : 0x%x\n", + le32_to_cpu(negblob->MessageType)); + rc = -EINVAL; } } else { /* TODO: need one more negotiation */ |