Unix CM: Don't free cell, then release lock on it
author Simon Wilkinson <sxw@your-file-system.com>
Wed, 27 Feb 2013 10:28:05 +0000 (10:28 +0000)
committer Stephan Wiesand <stephan.wiesand@desy.de>
Tue, 3 Jun 2014 16:26:00 +0000 (12:26 -0400)
If afs_NewCell fails, then we can end up releasing a lock on a
section of memory that we have already freed. As this only happens
if the memory we're operating on is newly allocated and not yet
visible to anyone else, it is safe to release the lock before
starting to tidy things up.

Caught by coverity (#986054)

Reviewed-on: http://gerrit.openafs.org/9298
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 816b0c76738b7e404c9384a745b58b4d90bfc30d)

Change-Id: I7976f00431e4dc96642b45fc7563485a5087c938
Reviewed-on: http://gerrit.openafs.org/11025
Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

src/afs/afs_cell.c

index 3e4259a..1a72964 100644 (file)
@@ -1016,11 +1016,15 @@ afs_NewCell(char *acellName, afs_int32 * acellHosts, int aflags,
     return 0;
 
   bad:
+    ReleaseWriteLock(&tc->lock);
+
     if (newc) {
+       /* If we're a new cell, nobody else can see us, so doing this
+        * after lock release is safe */
        afs_osi_FreeStr(tc->cellName);
        afs_osi_Free(tc, sizeof(struct cell));
     }
-    ReleaseWriteLock(&tc->lock);
+
     ReleaseWriteLock(&afs_xcell);
     return code;
 }
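
Review bot: the new comment inside `if (newc)` asserts that nobody else can see the cell but does not say what guarantees it, and the safety of moving `ReleaseWriteLock(&tc->lock)` to the top of `bad:` rests entirely on that. The hunk shows `afs_xcell` still held until after the free, which supports the claim only if every `goto bad` is reached before a newly allocated `tc` is linked into any shared structure; that is not visible in these lines and should be confirmed against the rest of afs_NewCell. I would extend the comment to name the invariant (new `tc` not yet published, `afs_xcell` still write-held) so a later change that publishes the cell earlier does not quietly reintroduce a use-after-free on this path.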