smb: client: Handle kstrdup failures for passwords

JIRA: https://issues.redhat.com/browse/RHEL-65939
CVE: CVE-2024-50120

commit 9a5dd61
Author: Henrique Carvalho <[email protected]>
Date:   Tue Oct 22 15:21:26 2024 -0300

    smb: client: Handle kstrdup failures for passwords
    
    In smb3_reconfigure(), after duplicating ctx->password and
    ctx->password2 with kstrdup(), we need to check for allocation
    failures.
    
    If ses->password allocation fails, return -ENOMEM.
    If ses->password2 allocation fails, free ses->password, set it
    to NULL, and return -ENOMEM.
    
    Fixes: c1eb537 ("cifs: allow changing password during remount")
    Reviewed-by: David Howells <[email protected]
    Signed-off-by: Haoxiang Li <[email protected]>
    Signed-off-by: Henrique Carvalho <[email protected]>
    Signed-off-by: Steve French <[email protected]>

Signed-off-by: Paulo Alcantara <[email protected]>

Author: pcacjr

fs/smb/client/fs_context.c

@@ -918,8 +918,15 @@ static int smb3_reconfigure(struct fs_context *fc)
 	else  {
 		kfree_sensitive(ses->password);
 		ses->password = kstrdup(ctx->password, GFP_KERNEL);
+		if (!ses->password)
+			return -ENOMEM;
 		kfree_sensitive(ses->password2);
 		ses->password2 = kstrdup(ctx->password2, GFP_KERNEL);
+		if (!ses->password2) {
+			kfree_sensitive(ses->password);
+			ses->password = NULL;
+			return -ENOMEM;
+		}
 	}
 	STEAL_STRING(cifs_sb, ctx, domainname);
 	STEAL_STRING(cifs_sb, ctx, nodename);