From: Marios Makassikis <mmakassikis@freebox.fr>
Date: Wed, 13 Mar 2024 14:11:38 +0000 (+0100)
Subject: ksmbd: fix possible null-deref in smb_lazy_parent_lease_break_close
X-Git-Tag: v6.6.32~39
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=27b40b7bfcd121fe13a150ffe11957630cf49246;p=platform%2Fkernel%2Flinux-riscv.git

ksmbd: fix possible null-deref in smb_lazy_parent_lease_break_close

[ Upstream commit 5fb282ba4fef8985a5acf2b32681f2ec07732561 ]

rcu_dereference can return NULL, so make sure we check against that.

Signed-off-by: Marios Makassikis <mmakassikis@freebox.fr>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/fs/smb/server/oplock.c b/fs/smb/server/oplock.c
index 7bdae2adad22..58bafe23ded9 100644
--- a/fs/smb/server/oplock.c
+++ b/fs/smb/server/oplock.c
@@ -1152,7 +1152,7 @@ void smb_lazy_parent_lease_break_close(struct ksmbd_file *fp)
 	opinfo = rcu_dereference(fp->f_opinfo);
 	rcu_read_unlock();
 
-	if (!opinfo->is_lease || opinfo->o_lease->version != 2)
+	if (!opinfo || !opinfo->is_lease || opinfo->o_lease->version != 2)
 		return;
 
 	p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent);