Re: [PATCH] ksmbd: fail share config requests when path allocation fails

Next message: Kevin Brodsky: "Re: [PATCH v4 11/15] arm64: mm: Don't abuse memblock NOMAP to check for overlaps"
Previous message: Gregory Price: "Re: [LSF/MM/BPF TOPIC][RFC PATCH v4 00/27] Private Memory Nodes (w/ Compressed RAM)"
In reply to: Shuhao Fu: "Re: [PATCH] ksmbd: fail share config requests when path allocation fails"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Namjae Jeon

Date: Wed Apr 29 2026 - 09:52:15 EST

On Wed, Apr 29, 2026 at 6:00 PM Shuhao Fu <sfual@xxxxxxxxxx> wrote:
>
> Non-pipe shares must have a duplicated backing path before they can be
> published. share_config_request() currently calls kstrndup() for that
> path, but if the allocation fails it leaves ret unchanged. If veto list
> parsing succeeds and share->name exists, the partially built share is
> still inserted into the global share table with share->path left NULL.
>
> A later share-root SMB2 create uses tree_conn->share_conf->path as the
> lookup root. If the share was published with path == NULL, that request
> passes a NULL pathname into do_getname_kernel()/strlen() and can crash
> the ksmbd worker.
>
> Set ret = -ENOMEM when path duplication fails so the incomplete share is
> destroyed before publication.
>
> Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
> Signed-off-by: Shuhao Fu <sfual@xxxxxxxxxx>
Applied it to #ksmbd-for-next-next.
Thanks!