robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
Browse Source

[nfs] Fix an invalid free() when loading a symlink 

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Marin Hannache 10 years ago
parent
d42901c4ad
commit
7aa69c4d0d
1 changed files with 11 additions and 0 deletions
Unified View Show Diff Stats
  1. 11
    0
      src/net/oncrpc/nfs_open.c

+ 11
- 0
src/net/oncrpc/nfs_open.c View File

145
145
146 
 	DBGC ( nfs, "NFS_OPEN %p completed (%s)\n", nfs, strerror ( rc ) );
 146 
 	DBGC ( nfs, "NFS_OPEN %p completed (%s)\n", nfs, strerror ( rc ) );
147
147
148 
+	free ( nfs->filename );
149 
+
148 
 	intf_shutdown ( &nfs->xfer, rc );
 150 
 	intf_shutdown ( &nfs->xfer, rc );
149 
 	intf_shutdown ( &nfs->pm_intf, rc );
 151 
 	intf_shutdown ( &nfs->pm_intf, rc );
150 
 	intf_shutdown ( &nfs->mount_intf, rc );
 152 
 	intf_shutdown ( &nfs->mount_intf, rc );
334 
 			goto done;
 336 
 			goto done;
335 
 		}
 337 
 		}
336
338
339 
+		/* We need to strdup() nfs->filename since the code handling
340 
+		 * symlink resolution make the assumption that it can be
341 
+		 * free()ed. */
342 
+		if ( ( nfs->filename = strdup ( nfs->filename ) ) == NULL )
343 
+		{
344 
+			rc = -ENOMEM;
345 
+			goto err;
346 
+		}
347 
+
337 
 		nfs->current_fh = mnt_reply.fh;
 348 
 		nfs->current_fh = mnt_reply.fh;
338 
 		nfs->nfs_state = NFS_LOOKUP;
 349 
 		nfs->nfs_state = NFS_LOOKUP;
339 
 		nfs_step ( nfs );
 350 
 		nfs_step ( nfs );

Write Preview
Loading…
Cancel
Save