ksmbd: fix read on the uninitialized send_ctx
author: Namjae Jeon <namjae.jeon@samsung.com>
author date: Wed, 7 Jul 2021 05:56:44 +0000 (14:56 +0900)
committer: Namjae Jeon <namjae.jeon@samsung.com>
commit date: Thu, 8 Jul 2021 06:46:11 +0000 (15:46 +0900)
If st->status is not SMB_DIRECT_CS_CONNECTED, it will jump to the done label,
and accessing the uninitialized send_ctx in smb_direct_flush_send_list
will cause a kernel oops. This patch just returns -ENOTCONN to avoid it.

Reported-by: Coverity Scan <scan-admin@coverity.com>
Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/ksmbd/transport_rdma.c

index 171fb3d..d5728c8 100644
@@ -1207,10 +1207,8 @@ static int smb_direct_writev(struct ksmbd_transport *t,
        struct kvec vec;
        struct smb_direct_send_ctx send_ctx;
 
-       if (st->status != SMB_DIRECT_CS_CONNECTED) {
-               ret = -ENOTCONN;
-               goto done;
-       }
+       if (st->status != SMB_DIRECT_CS_CONNECTED)
+               return -ENOTCONN;
 
        //FIXME: skip RFC1002 header..
        buflen -= 4;
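Review bot: the early return is correct, but the underlying hazard is still visible in this hunk: `struct smb_direct_send_ctx send_ctx;` is declared without an initializer and, per the commit message, the `done:` path hands it to smb_direct_flush_send_list, so any future early exit added between the declaration and the point where send_ctx is set up (not shown here) would reintroduce the same uninitialized read. Consider moving the send_ctx initialization above the connection-state check so every path that can reach `done` sees a valid context; zero-initializing at the declaration is a weaker fix, since if the context holds a list head an all-zero value is not an empty list and the flush would still dereference garbage. Also confirm that `ret` is still assigned on every remaining path now that this branch no longer sets it, so the compiler does not flag it as possibly uninitialized.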