rbd: ensure invalid pointers are made null
Fix a number of spots where a pointer value that is known to
have become invalid but was not reset to null.
Also, toss in a change so we use sizeof (object) rather than
sizeof (type).
Signed-off-by: Alex Elder <elder@inktank.com>
Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
index 02de524..e5eaa70 100644
--- a/drivers/block/rbd.c
+++ b/drivers/block/rbd.c
@@ -568,6 +568,7 @@
err_names:
kfree(header->snap_names);
header->snap_names = NULL;
+ header->snap_names_len = 0;
err_snapc:
kfree(header->snapc);
header->snapc = NULL;
@@ -631,9 +632,14 @@
static void rbd_header_free(struct rbd_image_header *header)
{
kfree(header->object_prefix);
+ header->object_prefix = NULL;
kfree(header->snap_sizes);
+ header->snap_sizes = NULL;
kfree(header->snap_names);
+ header->snap_names = NULL;
+ header->snap_names_len = 0;
ceph_put_snap_context(header->snapc);
+ header->snapc = NULL;
}
/*
@@ -2418,7 +2424,10 @@
out_err:
kfree(rbd_dev->header_name);
+ rbd_dev->header_name = NULL;
kfree(rbd_dev->image_name);
+ rbd_dev->image_name = NULL;
+ rbd_dev->image_name_len = 0;
kfree(rbd_dev->pool_name);
rbd_dev->pool_name = NULL;
@@ -2470,6 +2479,7 @@
options);
if (IS_ERR(rbd_dev->rbd_client)) {
rc = PTR_ERR(rbd_dev->rbd_client);
+ rbd_dev->rbd_client = NULL;
goto err_put_id;
}