[nfs] Fix an invalid free() when loading a symlink

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/net/oncrpc/nfs_open.c

@@ -145,6 +145,8 @@ static void nfs_done ( struct nfs_request *nfs, int rc ) {
 
 	DBGC ( nfs, "NFS_OPEN %p completed (%s)\n", nfs, strerror ( rc ) );
 
+	free ( nfs->filename );
+
 	intf_shutdown ( &nfs->xfer, rc );
 	intf_shutdown ( &nfs->pm_intf, rc );
 	intf_shutdown ( &nfs->mount_intf, rc );
@@ -334,6 +336,15 @@ static int nfs_mount_deliver ( struct nfs_request *nfs,
 			goto done;
 		}
 
+		/* We need to strdup() nfs->filename since the code handling
+		 * symlink resolution make the assumption that it can be
+		 * free()ed. */
+		if ( ( nfs->filename = strdup ( nfs->filename ) ) == NULL )
+		{
+			rc = -ENOMEM;
+			goto err;
+		}
+
 		nfs->current_fh = mnt_reply.fh;
 		nfs->nfs_state = NFS_LOOKUP;
 		nfs_step ( nfs );