Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp858893yba;
        Wed, 24 Apr 2019 10:45:06 -0700 (PDT)
X-Google-Smtp-Source: APXvYqw/AlMPDl6V0aJnBpH6/WavtkEMqfHUs2uWCJtzcbIzIprlyTdcig+FnsucsdnDq5XM+nj+
X-Received: by 2002:a17:902:e01:: with SMTP id 1mr34686511plw.128.1556127906779;
        Wed, 24 Apr 2019 10:45:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1556127906; cv=none;
        d=google.com; s=arc-20160816;
        b=mANrvPB0txHRqw6V6wksBlXaWR4OTmtX59K3aYZ6KqR9xmuljEvozbQk9aGeaOqvfI
         w77TX2Nk9fEwDHiwGZHByohlSrYCZKcZm+4+9G85X6wAS145INLWIehjxdqRfv6oiisa
         5TKRJTTg6ceGcMB9IoVZMDYQyoW6zzaNJjCvnDs+6NUHRO4Y8QfBZFtF/N3NCE6No4/q
         6+NaF07+4AnTkMRIBmi4zIflzxIZusIxO92C/YH6EY2l3N9leW+YF7A5CFf0u89w2T/P
         PYHpik91Shx/gWGCW8cX2pTXCqViB6j5uNoJlrxIGyTEvF9gwBa3ZgWIliv8dKmyLwOW
         TDUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=k6AnhK3KiPkgINNQkxnjrFWKTkTP2x/6tD9olrdvIos=;
        b=v2YJNu0n5t1Du6dd9HObpE42DQ+xM7P/GbM8qXFjfHS4UgwENm3fnsh9aqXZEaF3wN
         8xjX2FCxo3rI3q9zyL2H8CVDqE/HqzIiyeR82C43udRAqQH017A43tT2y6dx1s5OK8Gi
         ZEebg8lCaWeEOjm+t7MWAKU0R4ucSyeUuyklaqDcivXOBCJrkQnuOU14xu0zcqQnRNxt
         T46lh4hypSad1R89zIe1Fjdm9ROUJKOHv20Vd6kr5JHFUI5gdYu8I0LFKUQOnTZST35k
         idx4PShlrif7gTYveBLE6BBRWtwt4phhwdXaHsnS79+8s0s76rJe46NmZji2N5RHirwx
         dhkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=MCs95mzm;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h89si19746616pld.367.2019.04.24.10.44.52;
        Wed, 24 Apr 2019 10:45:06 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=MCs95mzm;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2391897AbfDXRf3 (ORCPT <rfc822;luigi.mantellini.ml@gmail.com>
        + 99 others); Wed, 24 Apr 2019 13:35:29 -0400
Received: from mail.kernel.org ([198.145.29.99]:34312 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S2391877AbfDXRfZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 24 Apr 2019 13:35:25 -0400
Received: from localhost (62-193-50-229.as16211.net [62.193.50.229])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 0DF6721904;
        Wed, 24 Apr 2019 17:35:23 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1556127324;
        bh=v+M2cDQOFycjuat5P15nslJUZGrfo1hGLqNj/+1SGug=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=MCs95mzmIjL0D8ZGIyLhb57bwb1jde57dUw2g39o9DNUmsY9rbcxeYQvKDFAGdTTg
         tFZlGZ+d/z8xouGJWvJCDb+4556pYBT6XmIxwcas6vf8cNah8OZnBEvc5bdYTNx3Gn
         5g7pmZ1cDGmVbJX3Gzn+uzv6SJSwMGqX/yXh1tGU=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Ronnie Sahlberg <lsahlber@redhat.com>,
        Steve French <stfrench@microsoft.com>,
        Pavel Shilovsky <pshilov@microsoft.com>
Subject: [PATCH 5.0 048/115] cifs: fix handle leak in smb2_query_symlink()
Date:   Wed, 24 Apr 2019 19:09:44 +0200
Message-Id: <20190424170927.825145734@linuxfoundation.org>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190424170924.797924502@linuxfoundation.org>
References: <20190424170924.797924502@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ronnie Sahlberg <lsahlber@redhat.com>

commit e6d0fb7b34f264f72c33053558a360a6a734905e upstream.

If we enter smb2_query_symlink() for something that is not a symlink
and where the SMB2_open() would succeed we would never end up
closing this handle and would thus leak a handle on the server.

Fix this by immediately calling SMB2_close() on successfull open.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 fs/cifs/smb2ops.c |    2 ++
 1 file changed, 2 insertions(+)

--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -2210,6 +2210,8 @@ smb2_query_symlink(const unsigned int xi
 
 	rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, &err_iov,
 		       &resp_buftype);
+	if (!rc)
+		SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
 	if (!rc || !err_iov.iov_base) {
 		rc = -ENOENT;
 		goto free_path;