From ca93505a789affd190278f9074272939602b9d98 Mon Sep 17 00:00:00 2001
From: Marin Hannache <git@mareo.fr>
Date: Thu, 15 May 2014 19:05:48 +0200
Subject: [PATCH] [nfs] Fix an invalid free() when loading a regular
 (non-symlink) file

An invalid free() was ironically introduced by fixing another invalid
free in commit 7aa69c4 ("[nfs] Fix an invalid free() when loading a
symlink").

Signed-off-by: Marin Hannache <git@mareo.fr>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/net/oncrpc/nfs_open.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/net/oncrpc/nfs_open.c b/src/net/oncrpc/nfs_open.c
index e9f5f9cf..68f406f4 100644
--- a/src/net/oncrpc/nfs_open.c
+++ b/src/net/oncrpc/nfs_open.c
@@ -145,7 +145,7 @@ static void nfs_done ( struct nfs_request *nfs, int rc ) {
 
 	DBGC ( nfs, "NFS_OPEN %p completed (%s)\n", nfs, strerror ( rc ) );
 
-	free ( nfs->filename );
+	free ( nfs->filename - nfs->filename_offset );
 
 	intf_shutdown ( &nfs->xfer, rc );
 	intf_shutdown ( &nfs->pm_intf, rc );
@@ -327,8 +327,9 @@ static int nfs_mount_deliver ( struct nfs_request *nfs,
 				goto err;
 
 			sep = strrchr ( nfs->mountpoint, '/' );
-			nfs->filename[-1] = '/';
-			nfs->filename     = sep + 1;
+			nfs->filename[-1]    = '/';
+			nfs->filename_offset = sep + 1 - nfs->filename;
+			nfs->filename        = sep + 1;
 			*sep = '\0';
 
 			DBGC ( nfs, "NFS_OPEN %p ENOTDIR received retrying" \