cifs: Use after free in debug code (f391d6ee) · Commits · EulixOS / Software / Kernel

fs/cifs/sess.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -302,14 +302,14 @@ cifs_chan_update_iface(struct cifs_ses ses, struct TCP_Server_Info server)

		/* now drop the ref to the current iface */
		if (old_iface && iface) {
		kref_put(&old_iface->refcount, release_iface);
		cifs_dbg(FYI, "replacing iface: %pIS with %pIS\n",
		&old_iface->sockaddr,
		&iface->sockaddr);
		} else if (old_iface) {
		kref_put(&old_iface->refcount, release_iface);
		} else if (old_iface) {
		cifs_dbg(FYI, "releasing ref to iface: %pIS\n",
		&old_iface->sockaddr);
		kref_put(&old_iface->refcount, release_iface);
		} else {
		WARN_ON(!iface);
		cifs_dbg(FYI, "adding new iface: %pIS\n", &iface->sockaddr);