Re: [syzbot] [cifs?] memory leak in smb3_fs_context_parse_param

Next message: Nilesh Laad: "[PATCH v2 0/2] This series adds LT9211c bridge driver support."
Previous message: Borislav Petkov: "Re: [PATCH v2] RAS/CEC: replace use of system_wq with system_percpu_wq"
In reply to: syzbot: "[syzbot] [cifs?] memory leak in smb3_fs_context_parse_param"
Next in thread: syzbot: "Re: [syzbot] [cifs?] memory leak in smb3_fs_context_parse_param"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Edward Adam Davis

Date: Fri Nov 07 2025 - 08:01:30 EST

#syz test

diff --git a/fs/smb/client/fs_context.c b/fs/smb/client/fs_context.c
index e60927b2a7c8..0e1949bcd6ea 100644
--- a/fs/smb/client/fs_context.c
+++ b/fs/smb/client/fs_context.c
@@ -1435,12 +1435,16 @@ static int smb3_fs_context_parse_param(struct fs_context *fc,
cifs_errorf(fc, "Unknown error parsing devname\n");
goto cifs_parse_mount_err;
}
+ kfree_sensitive(ctx->source);
+ ctx->source = NULL;
ctx->source = smb3_fs_context_fullpath(ctx, '/');
if (IS_ERR(ctx->source)) {
ctx->source = NULL;
cifs_errorf(fc, "OOM when copying UNC string\n");
goto cifs_parse_mount_err;
}
+ kfree_sensitive(fc->source);
+ fc->source = NULL;
fc->source = kstrdup(ctx->source, GFP_KERNEL);
if (fc->source == NULL) {
cifs_errorf(fc, "OOM when copying UNC string\n");
--
2.43.0