[PATCH] kfree in fs/nfsd/nfs4xdr.c:savemem()

[Benny Halevy]

The wrong pointer is being kfree'd in savemem() when defer_free
returns with an error.

Benny

Signed-off-by: Benny Halevy <bhalevy at panasas.com>

diff -rp -U 11 a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
--- a/fs/nfsd/nfs4xdr.c 2006-12-18 19:18:45.000000000 +0200
+++ b/fs/nfsd/nfs4xdr.c 2006-12-25 09:15:58.000000000 +0200
@@ -197,23 +197,23 @@ static char *savemem(struct nfsd4_compou
        if (p == argp->tmp) {
                new = kmalloc(nbytes, GFP_KERNEL);
                if (!new) return NULL;
                p = new;
                memcpy(p, argp->tmp, nbytes);
        } else {
                if (p != argp->tmpp)
                        BUG();
                argp->tmpp = NULL;
        }
        if (defer_free(argp, kfree, p)) {
-               kfree(new);
+               kfree(p);
                return NULL;
        } else
                return (char *)p;
 }


 static int
 nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval)
 {
        u32 bmlen;
        DECODE_HEAD;