diff options
| author | Jeff Layton <jlayton@redhat.com> | 2008-05-12 22:56:05 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2008-05-12 23:06:13 -0400 |
| commit | 6353450a2deefaa79cdb4fd2b72830c7db610256 (patch) | |
| tree | 8a09c4b38d90c26ec431cb9e3691a73ca0da2031 /fs/cifs/cifssmb.c | |
| parent | d0a9c078db4769f7305ff9774558776d12bfb25b (diff) | |
fix memory leak in CIFSFindNext
When CIFSFindNext gets back an -EBADF from a call, it sets the return
code of the function to 0 and eventually exits. Doing this makes the
cleanup at the end of the function skip freeing the SMB buffer, so
we need to make sure we free the buffer explicitly when doing this.
If we don't you end up with errors like this when unplugging the cifs
kernel module:
slab error in kmem_cache_destroy(): cache `cifs_request': Can't free all objects
[<c046bdbf>] kmem_cache_destroy+0x61/0xf3
[<e0f03045>] cifs_destroy_request_bufs+0x14/0x28 [cifs]
[<e0f2016e>] exit_cifs+0x1e/0x80 [cifs]
[<c043aeae>] sys_delete_module+0x192/0x1b8
[<c04451fd>] audit_syscall_entry+0x14b/0x17d
[<c0405413>] syscall_call+0x7/0xb
=======================
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Diffstat (limited to 'fs/cifs/cifssmb.c')
| -rw-r--r-- | fs/cifs/cifssmb.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 95fbba4ea7d4..641cc8ffc51b 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
| @@ -3679,6 +3679,7 @@ int CIFSFindNext(const int xid, struct cifsTconInfo *tcon, | |||
| 3679 | if (rc) { | 3679 | if (rc) { |
| 3680 | if (rc == -EBADF) { | 3680 | if (rc == -EBADF) { |
| 3681 | psrch_inf->endOfSearch = true; | 3681 | psrch_inf->endOfSearch = true; |
| 3682 | cifs_buf_release(pSMB); | ||
| 3682 | rc = 0; /* search probably was closed at end of search*/ | 3683 | rc = 0; /* search probably was closed at end of search*/ |
| 3683 | } else | 3684 | } else |
| 3684 | cFYI(1, ("FindNext returned = %d", rc)); | 3685 | cFYI(1, ("FindNext returned = %d", rc)); |