From: Arne Redlich <arne.redlich@googlemail.com>
Date: Mon, 17 Feb 2014 22:22:02 +0000 (+0100)
Subject: nfs_fchown_async: fix nullptr dereference
X-Git-Tag: upstream/1.9.6^2~100
X-Git-Url: https://git.piment-noir.org/?p=deb_libnfs.git;a=commitdiff_plain;h=6b1f14ca0177a25a72eaf1f62ed1ad00f6ae4f5f

nfs_fchown_async: fix nullptr dereference

nfs_chown_data is hooked up under nfs_cb_data->continue_data but
no ->free_continue_data is configured, so once free_nfs_cb_data is
invoked it will trip over a nullptr.

Signed-off-by: Arne Redlich <arne.redlich@googlemail.com>
---

diff --git a/lib/libnfs.c b/lib/libnfs.c
index a6987d5..b2a5350 100644
--- a/lib/libnfs.c
+++ b/lib/libnfs.c
@@ -3444,6 +3444,7 @@ int nfs_fchown_async(struct nfs_context *nfs, struct nfsfh *nfsfh, int uid, int
 	data->cb            = cb;
 	data->private_data  = private_data;
 	data->continue_data = chown_data;
+	data->free_continue_data = free;
 	data->fh.data.data_len = nfsfh->fh.data.data_len;
 	data->fh.data.data_val = malloc(data->fh.data.data_len);
 	if (data->fh.data.data_val == NULL) {