svn commit: r252356 - in head: contrib/smbfs/mount_smbfs etc/defaults etc/mtree include lib lib/libprocstat rescue/rescue sbin/mount share/examples share/examples/etc share/mk sys/conf sys/kern sys...

[Davide Italiano]

On Wed, Jul 3, 2013 at 11:28 AM, Ulrich Spörlein <uqs at freebsd.org> wrote:
> On Fri, 2013-06-28 at 21:00:08 +0000, Davide Italiano wrote:
>> Author: davide
>> Date: Fri Jun 28 21:00:08 2013
>> New Revision: 252356
>> URL: http://svnweb.freebsd.org/changeset/base/252356
>>
>> Log:
>>   - Trim an unused and bogus Makefile for mount_smbfs.
>>   - Reconnect with some minor modifications, in particular now selsocket()
>>   internals are adapted to use sbintime units after recent'ish calloutng
>>   switch.
>
> yay, for reconnecting this to the build. Now Coverity Scan is "seeing"
> this code and there are dozens of double frees in the form:
>
> smb_rq_done(rqp);
> free(rqp, M_SMBFSDATA);
>
> But smb_rq_done() is already calling free(rqp). This seems easy to audit
> and fix.
> (sometimes the order is swapped, so it's a USE_AFTER_FREE instead)
>
> This is CIDs 1042109 -- 1042126, all in smbfs_smb.c.
>
> Thanks for looking into this
> Uli

I've just committed a fix. If there's something I missed don't
hesitate to poke me privately.

Thanks,

-- 
Davide

"There are no solved problems; there are only problems that are more
or less solved" -- Henri Poincare