From: Guenter Roeck
To: Namjae Jeon
Cc: Steve French, Sergey Senozhatsky, Tom Talpey, linux-cifs@vger.kernel.org, linux-kernel@vger.kernel.org, Guenter Roeck, ChenXiaoSong
Subject: [PATCH] smb/server: Fix another refcount leak in smb2_open()
Date: Thu, 26 Feb 2026 21:54:21 -0800
Message-ID: <20260227055421.1777793-1-linux@roeck-us.net>

If ksmbd_override_fsids() fails, we jump to err_out2. At that point, fp is NULL because it hasn't been assigned dh_info.fp yet, so ksmbd_fd_put(work, fp) will not be called. However, dh_info.fp was already inserted into the session file table by ksmbd_reopen_durable_fd(), so it will leak in the session file table until the session is closed.

Move fp = dh_info.fp; ahead of the ksmbd_override_fsids() check to fix the problem.

Found by an experimental AI code review agent at Google.

Cc: Namjae Jeon
Cc: ChenXiaoSong
Fixes: c8efcc786146a ("ksmbd: add support for durable handles v1/v2")
Signed-off-by: Guenter Roeck
Reviewed-by: ChenXiaoSong
--- fs/smb/server/smb2pdu.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index 95901a78951c..8b680c96ee44 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c 
@@ -3011,13 +3011,14 @@ int smb2_open(struct ksmbd_work *work) goto err_out2; } =20 + fp =3D dh_info.fp; + if (ksmbd_override_fsids(work)) { rc =3D -ENOMEM; ksmbd_put_durable_fd(dh_info.fp); goto err_out2; } =20 - fp =3D dh_info.fp; file_info =3D FILE_OPENED; =20 rc =3D ksmbd_vfs_getattr(&fp->filp->f_path, &stat); --=20 2.45.2
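
Review bot: In the ksmbd_override_fsids() failure branch, the call ksmbd_put_durable_fd(dh_info.fp) is kept, and with fp now assigned before the check, the err_out2 path will, per the commit message, also run ksmbd_fd_put(work, fp) on the same object. Please confirm that two references are held at this point, one dropped by each call, and state that in the commit message or in a short comment above the branch; if only one reference is held, the retained ksmbd_put_durable_fd() call needs to go in this same patch. Passing fp instead of dh_info.fp to that call would also make it obvious that both puts act on the same file.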