From b431ee33e89dfe545609e4f0002706e271785359 Mon Sep 17 00:00:00 2001
From: Su Yue <l@damenly.su>
Date: Mon, 7 Dec 2020 17:07:55 +0800
Subject: [PATCH] btrfs-progs: subvol show: reset subvol_path to NULL after
 free

User reported that 'btrfs subvolume show -u -- /mnt' causes double free.

Pointer subvol_path was freed in iterations but still keeps the old
value.  In the last iteration, error BTRFS_UTIL_ERROR_STOP_ITERATION
returned, then the double free of subvol_path happens in the out goto
label.

Set subvol_path to NULL after each free() in the loop to fix the issue.

Issue: #317
Signed-off-by: Su Yue <l@damenly.su>
Signed-off-by: David Sterba <dsterba@suse.com>
---
 cmds/subvolume.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cmds/subvolume.c b/cmds/subvolume.c
index f153cfa9..a6771d10 100644
--- a/cmds/subvolume.c
+++ b/cmds/subvolume.c
@@ -1117,6 +1117,7 @@ static int cmd_subvol_show(const struct cmd_struct *cmd, int argc, char **argv)
 				break;
 
 			free(subvol_path);
+			subvol_path = NULL;
 		}
 		btrfs_util_destroy_subvolume_iterator(iter);
 	} else {