From 2df2de06e5df64f5666316b14d67de7e7c5dae70 Mon Sep 17 00:00:00 2001
From: Andrew Deason <adeason@dson.org>
Date: Sun, 21 Jul 2019 21:15:11 -0500
Subject: [PATCH] rx: Avoid leaking 'sq' in libafs rx_GetCall

Currently, in rx_GetCall when building for the kernel, if we notice
that we're shutting down (that is, if afs_termState has reached
AFSOP_STOP_RXCALLBACK), we return immediately. However, 'sq' may have
been allocated much earlier in this function, and if we return here,
we never free 'sq' or set it on any list.

Returning immediately is also unnecessary here; if we just 'break' out
of our wait loop, 'call' will still be NULL, and we'll break out of
the outer loop, and go through the rest of the function like normal.
The only difference is, if we 'break' instead of 'return'ing, we'll
put 'sq' on the free list before returning.

So, just 'break' out of the loop instead of returning, so we put 'sq'
on the free list and avoid leaking its memory.

Change-Id: Ibb2f4e697a586392f76ccdbbefdae8d75740f6fe
Reviewed-on: https://gerrit.openafs.org/13715
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
---
 src/rx/rx.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/rx/rx.c b/src/rx/rx.c
index 2383e5c786..0ae611eda4 100644
--- a/src/rx/rx.c
+++ b/src/rx/rx.c
@@ -2131,8 +2131,7 @@ rx_GetCall(int tno, struct rx_service *cur_service, osi_socket * socketp)
 		CV_WAIT(&sq->cv, &rx_serverPool_lock);
 #ifdef	KERNEL
 		if (afs_termState == AFSOP_STOP_RXCALLBACK) {
-		    MUTEX_EXIT(&rx_serverPool_lock);
-		    return (struct rx_call *)0;
+		    break;
 		}
 #endif
 	    } while (!(call = sq->newcall)