Commit 453a6d2a authored Aug 19, 2025 by David Howells Committed by Steve French Aug 19, 2025

cifs: Fix oops due to uninitialised variable



Fix smb3_init_transform_rq() to initialise buffer to NULL before calling
netfs_alloc_folioq_buffer() as netfs assumes it can append to the buffer it
is given.  Setting it to NULL means it should start a fresh buffer, but the
value is currently undefined.

Fixes: a2906d33 ("cifs: Switch crypto buffer to use a folio_queue rather than an xarray")
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Paulo Alcantara <pc@manguebit.org>
cc: linux-cifs@vger.kernel.org
cc: linux-fsdevel@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>

parent c17b750b

fs/smb/client/smb2ops.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -4496,7 +4496,7 @@ smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
		for (int i = 1; i < num_rqst; i++) {
		struct smb_rqst *old = &old_rq[i - 1];
		struct smb_rqst *new = &new_rq[i];
		struct folio_queue *buffer;
		struct folio_queue *buffer = NULL;
		size_t size = iov_iter_count(&old->rq_iter);

		orig_len += smb_rqst_len(server, old);