I got yer regression right HERE!

Urban Widmark urban at teststation.com
Thu Dec 13 01:04:12 GMT 2001 

On Wed, 12 Dec 2001, Esh, Andrew wrote:

> cvs checkout command which gets first non-working version:
> cvs -z3 -d :pserver:cvs at pserver.samba.org:/cvsroot co -rSAMBA_2_2 -D
> "2001-11-27 20:43" -dsamba_2043 samba/source

-D specifies time in the local timezone, specifying GMT or something else
as well as a time makes it work world-wide. Still, having the date is very
helpful.

Someone made cli_shutdown free the struct if it was allocated, but didn't
verify all the callers. Untested patch below for smbmount & the 2_2
branch.

smbmount was double-free'ing when smbfs asked it to reconnect, making
smbmount crash and fail. smbfs would then return EIO because it had no
connection and could not read or verify the "inode" of that entry.

The output from the kernel I asked for previously would most likely have
showed that smbfs did try to reconnect. 

/Urban


Index: client/smbmount.c
===================================================================
RCS file: /cvsroot/samba/source/client/smbmount.c,v
retrieving revision 1.30.4.12
diff -u -r1.30.4.12 smbmount.c
--- client/smbmount.c	10 Dec 2001 23:20:26 -0000	1.30.4.12
+++ client/smbmount.c	13 Dec 2001 08:49:56 -0000
@@ -153,7 +153,6 @@
 		DEBUG(0,("%d: Connection to %s failed\n", getpid(), server_n));
 		if (c) {
 			cli_shutdown(c);
-			free(c);
 		}
 		return NULL;
 	}
@@ -163,7 +162,6 @@
 		DEBUG(0,("%d: session request to %s failed (%s)\n", 
 			 getpid(), called.name, cli_errstr(c)));
 		cli_shutdown(c);
-		free(c);
 		if ((p=strchr(called.name, '.'))) {
 			*p = 0;
 			goto again;
@@ -180,7 +178,6 @@
 	if (!cli_negprot(c)) {
 		DEBUG(0,("%d: protocol negotiation failed\n", getpid()));
 		cli_shutdown(c);
-		free(c);
 		return NULL;
 	}
 
@@ -202,7 +199,6 @@
 			DEBUG(0,("%d: session setup failed: %s\n",
 				 getpid(), cli_errstr(c)));
 			cli_shutdown(c);
-			free(c);
 			return NULL;
 		}
 		DEBUG(0,("Anonymous login successful\n"));
@@ -215,7 +211,6 @@
 		DEBUG(0,("%d: tree connect failed: %s\n",
 			 getpid(), cli_errstr(c)));
 		cli_shutdown(c);
-		free(c);
 		return NULL;
 	}
 
@@ -364,7 +359,6 @@
 		   If we don't do this we will "leak" sockets and memory on
 		   each reconnection we have to make. */
 		cli_shutdown(c);
-		free(c);
 		c = NULL;
 
 		if (!closed) {

More information about the samba-technical mailing list