From: Namjae Jeon linkinjeon@kernel.org
mainline inclusion from mainline-v6.5-rc4 commit e202a1e8634b186da38cbbff85382ea2b9e297cf category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IA6VIB
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
ksmbd doesn't support compound read. If client send read-read in compound to ksmbd, there can be memory leak from read buffer. Windows and linux clients doesn't send it to server yet. For now, No response from compound read. compound read will be supported soon.
Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-21587, ZDI-CAN-21588 Signed-off-by: Namjae Jeon linkinjeon@kernel.org Signed-off-by: Steve French stfrench@microsoft.com
Conflicts: fs/smb/server/smb2pdu.c Signed-off-by: liwei liwei728@huawei.com --- fs/ksmbd/smb2pdu.c | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c index 7937f860ea8f..50ef53115cab 100644 --- a/fs/ksmbd/smb2pdu.c +++ b/fs/ksmbd/smb2pdu.c @@ -6253,6 +6253,11 @@ int smb2_read(struct ksmbd_work *work) int err = 0;
WORK_BUFFERS(work, req, rsp); + if (work->next_smb2_rcv_hdr_off) { + work->send_no_response = 1; + err = -EOPNOTSUPP; + goto out; + }
if (test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_PIPE)) {