From: Namjae Jeon
Date: Wed, 7 Jul 2021 05:56:44 +0000 (+0900)
Subject: ksmbd: fix read on the uninitialized send_ctx
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=b8fc94cdb144467d88f35344076fd3621af93a17;p=linux.git

ksmbd: fix read on the uninitialized send_ctx

If st->status is not SMB_DIRECT_CS_CONNECTED, it will jump to the done label, and accessing the uninitialized send_ctx in smb_direct_flush_send_list will cause a kernel oops. This patch just returns -ENOTCONN to avoid it.

Reported-by: Coverity Scan
Signed-off-by: Namjae Jeon
Signed-off-by: Steve French
---
diff --git a/fs/ksmbd/transport_rdma.c b/fs/ksmbd/transport_rdma.c index 171fb3dd018aa..d5728c84a15ae 100644 --- a/fs/ksmbd/transport_rdma.c +++ b/fs/ksmbd/transport_rdma.c @@ -1207,10 +1207,8 @@ static int smb_direct_writev(struct ksmbd_transport *t, struct kvec vec; struct smb_direct_send_ctx send_ctx; - if (st->status != SMB_DIRECT_CS_CONNECTED) { - ret = -ENOTCONN; - goto done; - } + if (st->status != SMB_DIRECT_CS_CONNECTED) + return -ENOTCONN; //FIXME: skip RFC1002 header.. buflen -= 4;
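Review bot: the early return fixes this one exit path, but the root cause is that `struct smb_direct_send_ctx send_ctx;` is declared without an initializer while the `done` label unconditionally hands it to smb_direct_flush_send_list; please confirm in the full function that every remaining `goto done` sits after the point where send_ctx is initialized, otherwise the same uninitialized read can recur on a future early exit. A more defensive variant is to initialize the context at its declaration (zero-initialize, or call the existing init helper before the status check) so that the cleanup path is safe regardless of which check fails first. Minor style point: the retained `//FIXME: skip RFC1002 header..` line uses a C++-style comment, which checkpatch flags in kernel code; `/* FIXME: ... */` would be the kernel convention. The commit message could also carry a Fixes: tag naming the commit that introduced smb_direct_writev so the fix is picked up by stable.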