Merge: [CVE-2024-50152] smb: client: fix possible double free in smb2_set_ea()

MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/5807

JIRA: https://issues.redhat.com/browse/RHEL-66493

CVE: CVE-2024-50152

Signed-off-by: Paulo Alcantara <[email protected]>

Approved-by: Chris von Recklinghausen <[email protected]>
Approved-by: Benjamin Coddington <[email protected]>
Approved-by: CKI KWF Bot <[email protected]>

Merged-by: Rado Vrbovsky <[email protected]>

Author: emmil

fs/smb/client/smb2ops.c

@@ -1122,7 +1122,7 @@ smb2_set_ea(const unsigned int xid, struct cifs_tcon *tcon,
 	struct cifs_fid fid;
 	unsigned int size[1];
 	void *data[1];
-	struct smb2_file_full_ea_info *ea = NULL;
+	struct smb2_file_full_ea_info *ea;
 	struct smb2_query_info_rsp *rsp;
 	int rc, used_len = 0;
 	int retries = 0, cur_sleep = 1;
@@ -1143,6 +1143,7 @@ smb2_set_ea(const unsigned int xid, struct cifs_tcon *tcon,
 	if (!utf16_path)
 		return -ENOMEM;
 
+	ea = NULL;
 	resp_buftype[0] = resp_buftype[1] = resp_buftype[2] = CIFS_NO_BUFFER;
 	vars = kzalloc(sizeof(*vars), GFP_KERNEL);
 	if (!vars) {