From: J. Bruce Fields Date: Tue, 24 Jul 2007 01:43:52 +0000 (-0700) Subject: nfsd: fix possible oops on re-insertion of rpcsec_gss modules X-Git-Tag: v2.6.23-rc2~308 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb276805803b8e0616159d80a441ab26a931ada4;p=linux-2.6 nfsd: fix possible oops on re-insertion of rpcsec_gss modules The handling of the re-registration case is wrong here; the "test" that was returned from auth_domain_lookup will not be used again, so that reference should be put. And auth_domain_lookup never did anything with "new" in this case, so we should just clean it up ourself. Thanks to Akinobu Mita for bug report, analysis, and testing. Cc: Akinobu Mita Signed-off-by: "J. Bruce Fields" Cc: Neil Brown Cc: Trond Myklebust Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 490697542f..dc2f41e9f5 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -769,11 +769,12 @@ svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name) new->h.flavour = &svcauthops_gss; new->pseudoflavor = pseudoflavor; + stat = 0; test = auth_domain_lookup(name, &new->h); - if (test != &new->h) { /* XXX Duplicate registration? */ - auth_domain_put(&new->h); - /* dangling ref-count... */ - goto out; + if (test != &new->h) { /* Duplicate registration */ + auth_domain_put(test); + kfree(new->h.name); + goto out_free_dom; } return 0;