Don't swallow invalid message error

A malformed message encountered here increases the counter, but doesn't tear down the connection because of the nested for loops. The comments indicate that that is the expected behavior - a misbehaving client should not be tolerated. Signed-off-by: Auke Kok <auke.kok@versity.com>
Fix leak in client side lock invalidation
2026-04-30 09:56:55 +00:00 · 2026-04-15 17:02:40 -07:00 · 2026-04-15 16:35:10 -07:00 · 2026-04-15 14:06:46 -07:00
2 changed files with 3 additions and 2 deletions
--- a/kmod/src/lock.c
+++ b/kmod/src/lock.c
@@ -813,6 +813,7 @@ int scoutfs_lock_invalidate_request(struct super_block *sb, u64 net_id,

 out:
 	if (!lock) {
+		kfree(ireq);
 		ret = scoutfs_client_lock_response(sb, net_id, nl);
 		BUG_ON(ret); /* lock server doesn't fence timed out client requests */
 	}
--- a/kmod/src/net.c
+++ b/kmod/src/net.c
@@ -525,7 +525,7 @@ static int process_response(struct scoutfs_net_connection *conn,
 	struct super_block *sb = conn->sb;
 	struct message_send *msend;
 	scoutfs_net_response_t resp_func = NULL;
-	void *resp_data;
+	void *resp_data = NULL;

 	spin_lock(&conn->lock);

@@ -804,7 +804,7 @@ static void scoutfs_net_recv_worker(struct work_struct *work)
 			if (invalid_message(conn, nh)) {
 				scoutfs_inc_counter(sb, net_recv_invalid_message);
 				ret = -EBADMSG;
-				break;
+				goto out;
 			}

 			data_len = le16_to_cpu(nh->data_len);