From ddbe4b02aeca52900bb6965c533044b59924e37c Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Thu, 23 May 2019 10:47:04 +0200 Subject: [PATCH] Revert "cifs: fix memory leak in SMB2_read" This reverts commit c54a881d793e3eea2a1b1460c5778b22128821ea which is commit 05fd5c2c61732152a6bddc318aae62d7e436629b upstream. Lars writes: This patch should not be in 4.14-stable because 088aaf17aa79300cab14dbee2569c58cfafd7d6e was for 4.18+. Now we have a double-free crash in SMB2_read because there are 2 calls to cifs_small_buf_release in the error path. It was a mistake to backport it this far, so let's revert it. Reported-by: Lars Persson Cc: Ronnie Sahlberg Cc: Pavel Shilovsky Cc: Steve French Cc: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- fs/cifs/smb2pdu.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 7936eac5a38a..fd2d199dd413 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -2699,7 +2699,6 @@ SMB2_read(const unsigned int xid, struct cifs_io_parms *io_parms, cifs_dbg(VFS, "Send error in read = %d\n", rc); } free_rsp_buf(resp_buftype, rsp_iov.iov_base); - cifs_small_buf_release(req); return rc == -ENODATA ? 0 : rc; }
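Review bot: In the SMB2_read error path, right after `free_rsp_buf(resp_buftype, rsp_iov.iov_base);`, the hunk shows only the `cifs_small_buf_release(req);` call being deleted. The second call that the commit message blames for the double free is outside the visible context, so the patch alone does not show that req is still released exactly once on this path in 4.14. Suggest naming in the commit message where the remaining release happens, so it is clear the revert does not bring back the leak the original fix addressed. The message also cites 088aaf17aa79300cab14dbee2569c58cfafd7d6e by hash only; adding that commit's subject line and a short statement of what it changes would let a stable reviewer check the dependency without looking it up.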