libafs: don't free a null pointer in an unlikely error condition

It is extremely unlikely that we will ever fail to allocate two
bytes in SRXAFSCB_GetCellServDB() to hold the empty-string return
value for the case where the specified cell can't be found.  But
that would result in freeing a null pointer, so check for it.

Change-Id: I47a296148e231b0ef20ecd18b8458b912f22a58c
Found-by: clang static analyzer with the help of AFS_NONNULL
Reviewed-on: http://gerrit.openafs.org/5261
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

diff --git a/src/afs/afs_callback.c b/src/afs/afs_callback.c
index b880979..c2d36a1 100644 (file)
--- a/src/afs/afs_callback.c
+++ b/src/afs/afs_callback.c
@@ -1304,7 +1304,8 @@ SRXAFSCB_GetCellServDB(struct rx_call *a_call, afs_int32 a_index,
 
     t_name = afs_osi_Alloc(i + 1);
     if (t_name == NULL) {
-       afs_osi_Free(a_hosts->serverList_val, (j * sizeof(afs_int32)));
+       if (tcell != NULL)
+           afs_osi_Free(a_hosts->serverList_val, (j * sizeof(afs_int32)));
        RX_AFS_GUNLOCK();
        return ENOMEM;
     }