Windows: AFSCreate avoid race leading to NULL dereference

If a test for NULL is performed ahead of an assignment and then
use of the assigned value, there is a race which can result in
the assigned value being NULL if the value being assigned is
altered by another thread.

Perform the assignment first then test based upon that.

Change-Id: I6d50619dab168c2aa12542b14217779f1be08ee9
Reviewed-on: http://gerrit.openafs.org/10296
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/WINNT/afsrdr/kernel/lib/AFSCreate.cpp b/src/WINNT/afsrdr/kernel/lib/AFSCreate.cpp
index 3df5646..4254a7e 100644 (file)
--- a/src/WINNT/afsrdr/kernel/lib/AFSCreate.cpp
+++ b/src/WINNT/afsrdr/kernel/lib/AFSCreate.cpp
@@ -4128,13 +4128,15 @@ AFSOpenSpecialShareFcb( IN PIRP Irp,
 
             pParentObjectInfo = AFSFindObjectInfo( pObjectInfo->VolumeCB,
                                                    &pObjectInfo->ParentFileId,
-                                                   TRUE);
-        }
+                                                  TRUE);
+       }
 
-        if( DirectoryCB->ObjectInformation->Fcb == NULL)
-        {
+       *Fcb = pObjectInfo->Fcb;
 
-            //
+       if( *Fcb == NULL)
+       {
+
+           //
             // Allocate and initialize the Fcb for the file.
             //
 
@@ -4165,8 +4167,6 @@ AFSOpenSpecialShareFcb( IN PIRP Irp,
         else
         {
 
-            *Fcb = pObjectInfo->Fcb;
-
             AFSAcquireExcl( &(*Fcb)->NPFcb->Resource,
                             TRUE);
         }