CIFS: Don't free volume_info->UNC until we are entirely done with it.
authorJesper Juhl <jj@chaosbits.net>
Sat, 27 Aug 2011 16:58:34 +0000 (18:58 +0200)
committerJiri Kosina <jkosina@suse.cz>
Tue, 27 Sep 2011 16:08:04 +0000 (18:08 +0200)
In cleanup_volume_info_contents() we kfree(volume_info->UNC); and then
proceed to use that variable on the very next line.
This causes (at least) Coverity Prevent to complain about use-after-free
of that variable (and I guess other checkers may do that as well).
There's not any /real/ problem here since we are just using the value of
the pointer, not actually dereferencing it, but it's still trivial to
silence the tool, so why not?
To me at least it also just seems nicer to defer freeing the variable
until we are entirely done with it in all respects.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
fs/cifs/connect.c

index 633c246b67752efe0f7460cb01e8ac62309314e8..9bb4b10f0cda1d69e429b96ae3ec18979fde6a11 100644 (file)
@@ -2877,9 +2877,9 @@ cleanup_volume_info_contents(struct smb_vol *volume_info)
 {
        kfree(volume_info->username);
        kzfree(volume_info->password);
-       kfree(volume_info->UNC);
        if (volume_info->UNCip != volume_info->UNC + 2)
                kfree(volume_info->UNCip);
+       kfree(volume_info->UNC);
        kfree(volume_info->domainname);
        kfree(volume_info->iocharset);
        kfree(volume_info->prepath);