From deb66c9831e82f75f7ce6e78d6db23353b64a490 Mon Sep 17 00:00:00 2001
From: Oleg Drokin <oleg.drokin@intel.com>
Date: Sun, 26 Apr 2015 22:43:54 -0400
Subject: [PATCH] LU-6505 libcfs: Use after free in __proc_cpt_table

Only free the too small buffer if it's really too small, not always.

Change-Id: I3fbdcb74dd0091c43aeb3e5b98460c203595bc19
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Reviewed-on: http://review.whamcloud.com/14602
Tested-by: Jenkins
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: James Simmons <uja.ornl@yahoo.com>
Reviewed-by: frank zago <fzago@cray.com>
---
 libcfs/libcfs/linux/linux-proc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libcfs/libcfs/linux/linux-proc.c b/libcfs/libcfs/linux/linux-proc.c
index bbab089..37a98b7 100644
--- a/libcfs/libcfs/linux/linux-proc.c
+++ b/libcfs/libcfs/linux/linux-proc.c
@@ -348,8 +348,8 @@ static int __proc_cpt_table(void *data, int write,
 		if (rc >= 0)
 			break;
 
-		LIBCFS_FREE(buf, len);
 		if (rc == -EFBIG) {
+			LIBCFS_FREE(buf, len);
 			len <<= 1;
 			continue;
 		}
-- 
1.8.3.1