From 41e476ea08e846fc78de05489e89a0492f0616dd Mon Sep 17 00:00:00 2001
From: Andrey Vagin
Date: Fri, 31 Oct 2014 16:36:54 +0300
Subject: [PATCH] shmem: don't unmap a memrory region in restore_shmem_content()
This function doesn't allocate memory, so it should not release it. CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE) 14. deref_arg: Calling munmap dereferences freed pointer addr.
---
 shmem.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/shmem.c b/shmem.c
index 82bf9d34c9..2e9e4fca03 100644
--- a/shmem.c
+++ b/shmem.c
@@ -129,7 +129,7 @@ static int restore_shmem_content(void *addr, struct shmem_info *si)
 ret = open_page_read(si->shmid, &pr, opts.auto_dedup ? O_RDWR : O_RSTR, true);
 if (ret)
- goto err_unmap;
+ return -1;
 fd_pg = img_raw_fd(pr.pi);
 while (1) {
@@ -168,9 +168,6 @@ static int restore_shmem_content(void *addr, struct shmem_info *si)
 pr.close(&pr);
 return ret;
-err_unmap:
- munmap(addr, si->size);
- return -1;
 }
 int get_shmem_fd(int pid, VmaEntry *vi)
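Review bot: After the new `return -1;` following `open_page_read()`, no failure path in restore_shmem_content() releases `addr` any more, yet nothing in the code states that the mapping belongs to the caller. The caller is outside this patch, so it should be confirmed that it calls munmap() exactly once for any non-zero return, including the `return ret;` at the end of the function. A second munmap() of an already released range can remove an unrelated mapping that has since reused the address. I would record the contract above the function, e.g. `/* Does not take ownership of addr: the caller maps the region and must munmap() it on failure. */`. The function body starts before this hunk and continues past it.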