Commit 6353450a authored May 12, 2008 by Jeff Layton Committed by Steve French May 13, 2008

fix memory leak in CIFSFindNext



When CIFSFindNext gets back an -EBADF from a call, it sets the return
code of the function to 0 and eventually exits. Doing this makes the
cleanup at the end of the function skip freeing the SMB buffer, so
we need to make sure we free the buffer explicitly when doing this.

If we don't you end up with errors like this when unplugging the cifs
kernel module:

slab error in kmem_cache_destroy(): cache `cifs_request': Can't free all objects
 [<c046bdbf>] kmem_cache_destroy+0x61/0xf3
 [<e0f03045>] cifs_destroy_request_bufs+0x14/0x28 [cifs]
 [<e0f2016e>] exit_cifs+0x1e/0x80 [cifs]
 [<c043aeae>] sys_delete_module+0x192/0x1b8
 [<c04451fd>] audit_syscall_entry+0x14b/0x17d
 [<c0405413>] syscall_call+0x7/0xb
 =======================

Signed-off-by: Jeff Layton <jlayton@redhat.com>

parent d0a9c078

fs/cifs/CHANGES

+2 −1

Original line number	Diff line number	Diff line
		@@ -12,7 +12,8 @@ Add ability to modify cifs acls for handling chmod (when mounted with
		cifsacl flag). Fix prefixpath path separator so we can handle mounts
		with prefixpaths longer than one directory (one path component) when
		mounted to Windows servers. Fix slow file open when cifsacl
		enabled.
		enabled. Fix memory leak in FindNext when the SMB call returns -EBADF.


		Version 1.51
		------------

fs/cifs/cifssmb.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -3679,6 +3679,7 @@ int CIFSFindNext(const int xid, struct cifsTconInfo *tcon,
		if (rc) {
		if (rc == -EBADF) {
		psrch_inf->endOfSearch = true;
		cifs_buf_release(pSMB);
		rc = 0; /* search probably was closed at end of search*/
		} else
		cFYI(1, ("FindNext returned = %d", rc));