[nfs] Fix an invalid free() when loading a symlink

author Marin Hannache <git@mareo.fr>

Wed, 12 Mar 2014 15:26:24 +0000 (16:26 +0100)

committer Michael Brown <mcb30@ipxe.org>

Mon, 12 May 2014 16:09:37 +0000 (17:09 +0100)
author Marin Hannache <git@mareo.fr>
Wed, 12 Mar 2014 15:26:24 +0000 (16:26 +0100)
committer Michael Brown <mcb30@ipxe.org>
Mon, 12 May 2014 16:09:37 +0000 (17:09 +0100)
diff --git a/src/net/oncrpc/nfs_open.c b/src/net/oncrpc/nfs_open.c

index 349957ffebd583b9689c4f5242b3f7a65e6a6eff..e9f5f9cfef55432dbf3f26e80d75d04c7e889d13 100644 (file)
--- a/src/net/oncrpc/nfs_open.c
+++ b/src/net/oncrpc/nfs_open.c
@@ -145,6 +145,8 @@ static void nfs_done ( struct nfs_request *nfs, int rc ) {
  
         DBGC ( nfs, "NFS_OPEN %p completed (%s)\n", nfs, strerror ( rc ) );
  
+       free ( nfs->filename );
+
         intf_shutdown ( &nfs->xfer, rc );
         intf_shutdown ( &nfs->pm_intf, rc );
         intf_shutdown ( &nfs->mount_intf, rc );
@@ -334,6 +336,15 @@ static int nfs_mount_deliver ( struct nfs_request *nfs,
                         goto done;
                 }
  
+               /* We need to strdup() nfs->filename since the code handling
+                * symlink resolution make the assumption that it can be
+                * free()ed. */
+               if ( ( nfs->filename = strdup ( nfs->filename ) ) == NULL )
+               {
+                       rc = -ENOMEM;
+                       goto err;
+               }
+
                 nfs->current_fh = mnt_reply.fh;
                 nfs->nfs_state = NFS_LOOKUP;
                 nfs_step ( nfs );
author	Marin Hannache <git@mareo.fr>
	Wed, 12 Mar 2014 15:26:24 +0000 (16:26 +0100)
committer	Michael Brown <mcb30@ipxe.org>
	Mon, 12 May 2014 16:09:37 +0000 (17:09 +0100)