From 96eedc649c8c0909a564787afebcfbe0588fd651 Mon Sep 17 00:00:00 2001
From: Jeremy Kerr <jk@ozlabs.org>
Date: Wed, 9 Oct 2013 16:37:25 +0800
Subject: [PATCH 1/1] discover/device-handler: Fix use-after-free when
 unmounting

We need to do the rmdir after clearing mount_path.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
---
 discover/device-handler.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/discover/device-handler.c b/discover/device-handler.c
index 04a4484..94abb51 100644
--- a/discover/device-handler.c
+++ b/discover/device-handler.c
@@ -803,11 +803,12 @@ static int umount_device(struct discover_device *dev)
 		return -1;
 
 	dev->mounted = false;
-	talloc_free(dev->mount_path);
-	dev->mount_path = NULL;
 
 	pb_rmdir_recursive(mount_base(), dev->mount_path);
 
+	talloc_free(dev->mount_path);
+	dev->mount_path = NULL;
+
 	return 0;
 }
 
-- 
2.39.2