From 91fd3c3edcd7f223c5340a8324f67b03a85a73aa Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Mon, 13 Jan 2020 16:23:07 +0300 Subject: [PATCH] nfsd4: fix double free in nfsd4_do_async_copy() This frees "copy->nf_src" before and again after the goto. Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy") Signed-off-by: Dan Carpenter Reviewed-by: Olga Kornievskaia Signed-off-by: J. Bruce Fields --- fs/nfsd/nfs4proc.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index e4ddaf87493a..0e75f7fb5fec 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data) copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh, ©->stateid); if (IS_ERR(copy->nf_src->nf_file)) { - kfree(copy->nf_src); copy->nfserr = nfserr_offload_denied; nfsd4_interssc_disconnect(copy->ss_mnt); goto do_callback; -- 2.30.2