Tue Oct 28 16:54:11 2014 UTC ()

Fix invalid free in deletextattr FUSE handler

Do not free FUSE message on error as it was not allocated.


(manu)

diff -r1.76 -r1.77 src/lib/libperfuse/ops.c

--- src/lib/libperfuse/ops.c 2014/10/11 04:19:38	1.76
+++ src/lib/libperfuse/ops.c 2014/10/28 16:54:11	1.77

 @@ -1,14 +1,14 @@
-/*  $NetBSD: ops.c,v 1.76 2014/10/11 04:19:38 manu Exp $ */
+/*  $NetBSD: ops.c,v 1.77 2014/10/28 16:54:11 manu Exp $ */
 /*-
  *  Copyright (c) 2010-2011 Emmanuel Dreyfus. All rights reserved.
+ *
  *  Redistribution and use in source and binary forms, with or without
  *  modification, are permitted provided that the following conditions
  *  are met:
  *  1. Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  *  2. Redistributions in binary form must reproduce the above copyright
  *     notice, this list of conditions and the following disclaimer in the
  *     documentation and/or other materials provided with the distribution.
+ *
 @@ -3623,19 +3623,21 @@ perfuse_node_deleteextattr(struct puffs_
 		return EPERM;
 	node_ref(opc);
 	ps = puffs_getspecific(pu);
 	attrname = perfuse_native_ns(attrns, attrname, fuse_attrname);
 	attrnamelen = strlen(attrname) + 1;
 	pm = ps->ps_new_msg(pu, opc, FUSE_REMOVEXATTR, attrnamelen, pcr);
 	np = _GET_INPAYLOAD(ps, pm, char *);
 	(void)strlcpy(np, attrname, attrnamelen);
 	error = xchg_msg(pu, opc, pm, NO_PAYLOAD_REPLY_LEN, wait_reply);
 	if (error != 0)
 		goto out;
 	ps->ps_destroy_msg(pm);
 out:
 	node_rele(opc);
 	return error;
+}