commit 6cec2aed8686840906f6298391dc4fd04d9ba843
author Steve French <smfltc@us.ibm.com> Wed Feb 22 17:31:52 2006 -0600
committer Linus Torvalds <torvalds@g5.osdl.org> Wed Feb 22 15:20:33 2006 -0800
tree a6ae4784522a03c5b8eb6041ef0da5e8c81b14dc
parent c45ec6566021ba3162233b575e7bc76d57b86688

[PATCH] CIFS: CIFSSMBRead was returning an invalid pointer in buf on socket error

Thanks to Adrian Bunk for debugging the problem and to Shaggy for
helping find the solution.

Also added a fix for 64K pages we found in loosely-related testing

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

fs/cifs/cifssmb.c

diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 217323b..b41e8b3 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -1048,13 +1048,14 @@
 			cifs_small_buf_release(iov[0].iov_base);
 		else if(resp_buf_type == CIFS_LARGE_BUFFER)
 			cifs_buf_release(iov[0].iov_base);
-	} else /* return buffer to caller to free */ /* BB FIXME how do we tell caller if it is not a large buffer */ {
-		*buf = iov[0].iov_base;
+	} else if(resp_buf_type != CIFS_NO_BUFFER) {
+		/* return buffer to caller to free */ 
+		*buf = iov[0].iov_base;		
 		if(resp_buf_type == CIFS_SMALL_BUFFER)
 			*pbuf_type = CIFS_SMALL_BUFFER;
 		else if(resp_buf_type == CIFS_LARGE_BUFFER)
 			*pbuf_type = CIFS_LARGE_BUFFER;
-	}
+	} /* else no valid buffer on return - leave as null */
 
 	/* Note: On -EAGAIN error only caller can retry on handle based calls
 		since file handle passed in no longer valid */