From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from szxga08-in.huawei.com (szxga08-in.huawei.com [45.249.212.255])
	by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 05DAACF;
	Sun,  3 Dec 2023 17:14:59 -0800 (PST)
Received: from dggpemm500020.china.huawei.com (unknown [172.30.72.53])
	by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4Sk5G82rLLz1P999;
	Mon,  4 Dec 2023 09:11:12 +0800 (CST)
Received: from [10.174.176.88] (10.174.176.88) by
 dggpemm500020.china.huawei.com (7.185.36.49) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.35; Mon, 4 Dec 2023 09:14:56 +0800
Message-ID: <86261c8b-686e-4542-af44-51ec4cd39730@huawei.com>
Date: Mon, 4 Dec 2023 09:14:55 +0800
Precedence: bulk
X-Mailing-List: linux-cifs@vger.kernel.org
List-Id: <linux-cifs.vger.kernel.org>
List-Subscribe: <mailto:linux-cifs+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-cifs+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH -next] ksmbd: fix memory leak in smb2_lock()
To: Namjae Jeon <linkinjeon@kernel.org>
CC: <sfrench@samba.org>, <senozhatsky@chromium.org>, <lsahlber@redhat.com>,
	<hyc.lee@gmail.com>, <linux-cifs@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>, <yangerkun@huawei.com>
References: <20231201145048.2179969-1-wozizhi@huawei.com>
 <CAKYAXd-6AfN8PUZWafHHg8xeH+7T5CLFtjs+4Snb=smiDHJgqQ@mail.gmail.com>
From: Zizhi Wo <wozizhi@huawei.com>
In-Reply-To: <CAKYAXd-6AfN8PUZWafHHg8xeH+7T5CLFtjs+4Snb=smiDHJgqQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To
 dggpemm500020.china.huawei.com (7.185.36.49)
X-CFilter-Loop: Reflected



在 2023/12/2 11:54, Namjae Jeon 写道:
> 2023-12-01 23:50 GMT+09:00, Zizhi Wo <wozizhi@huawei.com>:
>> In smb2_lock(), if setup_async_work() executes successfully,
>> work->cancel_argv will bind the argv that generated by kmalloc(). And
>> release_async_work() is called in ksmbd_conn_try_dequeue_request() or
>> smb2_lock() to release argv.
>> However, when setup_async_work function fails, work->cancel_argv has not
>> been bound to the argv, resulting in the previously allocated argv not
>> being released. Call kfree() to fix it.
>>
>> when setup_async_work fails, the code will go to the
>> "out" branch, resulting in the previously allocated "argv" not being
>> released. Call kfree() to fix it.
>>
>> Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
>> Signed-off-by: Zizhi Wo <wozizhi@huawei.com>
> Acked-by: Namjae Jeon <linkinjeon@kernel.org>
> 
> Applied it to #ksmbd-for-next-next .
> Thanks.

Thanks, but I found a redundant paragraph in my commit message, and I 
will send version V2 to fix it.