Improve style and fix a possible use-after-free case introduced in r268384

by reinitializing the 'freestate' pointer after freeing the memory. Obtained from: HardenedBSD (71fab80c5dd3034b71a29a61064625018671bbeb) PR: 194525 Submitted by: Oliver Pinter <oliver.pinter@hardenedbsd.org> MFC after: 2 weeks
2015-01-10 06:48:35 +00:00 · 2015-01-10 06:48:35 +00:00 · 6e19f0def0
commit 6e19f0def0
parent 3a9f9af803
1 changed files with 2 additions and 1 deletions
--- a/sys/kern/kern_lockf.c
+++ b/sys/kern/kern_lockf.c
@ -740,12 +740,13 @@ lf_advlockasync(struct vop_advlockasync_args *ap, struct lockf **statep,

 	VI_UNLOCK(vp);

-	if (freestate) {
+	if (freestate != NULL) {
 		sx_xlock(&lf_lock_states_lock);
 		LIST_REMOVE(freestate, ls_link);
 		sx_xunlock(&lf_lock_states_lock);
 		sx_destroy(&freestate->ls_lock);
 		free(freestate, M_LOCKF);
+		freestate = NULL;
 	}

 	if (error == EDOOFUS) {