Commit 45abdf1c authored Oct 23, 2008 by Tom Tucker Committed by Eric Van Hensbergen Nov 05, 2008

p9: Fix leak of waitqueue in request allocation path



If a T or R fcall cannot be allocated, the function returns an error
but neglects to free the wait queue that was successfully allocated.

If it comes through again a second time this wq will be overwritten
with a new allocation and the old allocation will be leaked.

Also, if the client is subsequently closed, the close path will
attempt to clean up these allocations, so set the req fields to
NULL to avoid duplicate free.

Signed-off-by: Tom Tucker <tom@opengridcomputing.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>

parent 82b189ea

net/9p/client.c

+3 −0

Original line number	Original line	Diff line number	Diff line
	@@ -189,6 +189,9 @@ static struct p9_req_t p9_tag_alloc(struct p9_client c, u16 tag)
	printk(KERN_ERR "Couldn't grow tag array\n");		printk(KERN_ERR "Couldn't grow tag array\n");
	kfree(req->tc);		kfree(req->tc);
	kfree(req->rc);		kfree(req->rc);
			kfree(req->wq);
			req->tc = req->rc = NULL;
			req->wq = NULL;
	return ERR_PTR(-ENOMEM);		return ERR_PTR(-ENOMEM);
	}		}
	req->tc->sdata = (char *) req->tc + sizeof(struct p9_fcall);		req->tc->sdata = (char *) req->tc + sizeof(struct p9_fcall);