autofs-5.1.7 - refactor lookup_prune_one_cache() a bit

From: Ian Kent <raven@themaw.net>

Coverity: use: Using an unreliable value of "me" inside the second locked
	  section.

Change lookup_prune_one_cache() a little, move the location the next
key is set (before releasing the lock) and add a comment explaining
why we don't care about the side effects of the read lock release/
write lock aquire/write lock release/read lock reaquire.

Signed-off-by: Ian Kent <raven@themaw.net>
---
 CHANGELOG       |    1 +
 daemon/lookup.c |   20 +++++++++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG b/CHANGELOG
index 81461978..b79aebc8 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -63,6 +63,7 @@
 - fix arg not used in error print.
 - fix missing lock release in mount_subtree().
 - fix double free in parse_mapent().
+- refactor lookup_prune_one_cache() a bit.
 
 25/01/2021 autofs-5.1.7
 - make bind mounts propagation slave by default.
diff --git a/daemon/lookup.c b/daemon/lookup.c
index 32dbc24d..3e9722e4 100644
--- a/daemon/lookup.c
+++ b/daemon/lookup.c
@@ -1375,7 +1375,6 @@ void lookup_prune_one_cache(struct autofs_point *ap, struct mapent_cache *mc, ti
 		}
 
 		key = strdup(me->key);
-		me = cache_enumerate(mc, me);
 		/* Don't consider any entries with a wildcard */
 		if (!key || strchr(key, '*')) {
 			if (key)
@@ -1422,6 +1421,7 @@ void lookup_prune_one_cache(struct autofs_point *ap, struct mapent_cache *mc, ti
 		if (valid)
 			cache_unlock(valid->mc);
 
+		me = cache_enumerate(mc, me);
 		if (me)
 			next_key = strdup(me->key);
 
@@ -1456,6 +1456,24 @@ void lookup_prune_one_cache(struct autofs_point *ap, struct mapent_cache *mc, ti
 next:
 		cache_readlock(mc);
 		if (next_key) {
+			/* The lock release and reaquire above can mean
+			 * a number of things could happen.
+			 *
+			 * First, mapents could be added between the
+			 * current mapent and the mapent of next_key.
+			 * Don't care about that because there's no
+			 * need to prune newly added entries.
+			 *
+			 * Second, the next mapent data could have
+			 * changed. Don't care about that either since
+			 * we are looking to prune stale map entries
+			 * and don't care when they become stale.
+			 *
+			 * Finally, the mapent of next_key could have
+			 * gone away. Again don't care about this either,
+			 * the loop will exit prematurely so just wait
+			 * until the next prune and try again.
+			 */
 			me = cache_lookup_distinct(mc, next_key);
 			free(next_key);
 		}