From e691a757d6f43fa11e3b9a84cf5cbb151a8e9a3b Mon Sep 17 00:00:00 2001
From: Jeffrey Altman
Date: Thu, 3 May 2012 19:58:31 -0400
Subject: [PATCH] Windows: AFSInitFcb STATUS_REPARSE cleanup

If a race is detected when creating a new File Control Block in AFSInitFcb() the Fcb Header must be torn down and the ExtentsResource and DirtyExtentsListLock must be deleted prior to freeing the pool memory.

Change-Id: I3c3f45aed26ea62b4d20e5c5e80d1237d96c912c
Reviewed-on: http://gerrit.openafs.org/7326
Tested-by: BuildBot
Reviewed-by: Jeffrey Altman
Tested-by: Jeffrey Altman
---
 src/WINNT/afsrdr/kernel/lib/AFSFcbSupport.cpp | 29 +++++++++----------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/src/WINNT/afsrdr/kernel/lib/AFSFcbSupport.cpp b/src/WINNT/afsrdr/kernel/lib/AFSFcbSupport.cpp
index 5e148e4de2..9f1a979136 100644
--- a/src/WINNT/afsrdr/kernel/lib/AFSFcbSupport.cpp
+++ b/src/WINNT/afsrdr/kernel/lib/AFSFcbSupport.cpp
@@ -59,7 +59,6 @@ AFSInitFcb( IN AFSDirectoryCB *DirEntry)
 AFSFcb *pFcb = NULL;
 AFSNonPagedFcb *pNPFcb = NULL;
 IO_STATUS_BLOCK stIoSb = {0,0};
- BOOLEAN bUninitFileLock = FALSE;
 USHORT usFcbLength = 0;
 ULONGLONG ullIndex = 0;
 AFSDirEnumEntry *pDirEnumCB = NULL;
@@ -193,8 +192,6 @@ AFSInitFcb( IN AFSDirectoryCB *DirEntry)
 NULL,
 NULL);
 
- bUninitFileLock = TRUE;
-
 //
 // Initialize the header file sizes to our dir entry information
 //
@@ -314,32 +311,34 @@ try_exit:
 if( pFcb != NULL)
 {
 
- if( bUninitFileLock)
- {
-
- FsRtlUninitializeFileLock( &pFcb->Specific.File.FileLock);
- }
-
 if( pNPFcb != NULL)
 {
 
 AFSReleaseResource( &pNPFcb->Resource);
 
+ FsRtlTeardownPerStreamContexts( &pFcb->Header);
+
+ if ( pObjectInfo->FileType == AFS_FILE_TYPE_FILE)
+ {
+
+ FsRtlUninitializeFileLock( &pFcb->Specific.File.FileLock);
+
+ ExDeleteResourceLite( &pNPFcb->Specific.File.ExtentsResource);
+
+ ExDeleteResourceLite( &pNPFcb->Specific.File.DirtyExtentsListLock);
+ }
+
 ExDeleteResourceLite( &pNPFcb->PagingResource);
 
 ExDeleteResourceLite( &pNPFcb->CcbListLock);
 
 ExDeleteResourceLite( &pNPFcb->Resource);
+
+ AFSExFreePool( pNPFcb);
 }
 
 AFSExFreePool( pFcb);
 }
-
- if( pNPFcb != NULL)
- {
-
- AFSExFreePool( pNPFcb);
- }
 }
 }
 
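Review bot: The file-specific teardown under `if( pNPFcb != NULL)` is now keyed on `pObjectInfo->FileType` rather than on whether initialization actually ran, which the removed `bUninitFileLock` flag used to record. If any failure path can reach `try_exit` with `pNPFcb` set before `FsRtlInitializeFileLock` and the initialization of `ExtentsResource`/`DirtyExtentsListLock` have run (that code is outside this hunk, so this is unconfirmed), `FsRtlTeardownPerStreamContexts` and `ExDeleteResourceLite` would operate on uninitialized kernel objects in non-paged pool. Either keep a flag that is set once the file-specific state is initialized, or state the invariant at the top of the block, for example `// Only the STATUS_REPARSE race reaches here with pNPFcb set; every resource deleted below is already initialized.` Freeing `pNPFcb` now also depends on `pFcb != NULL`, which is safe only if `pFcb` is always allocated first. The enclosing function starts and continues outside the hunk.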