Contents of /trunk/util-linux/patches/util-linux-2.12q-update_mtab-fixes.patch
Parent Directory | Revision Log
Revision 153 -
(show annotations)
(download)
Tue May 8 20:52:56 2007 UTC (17 years, 4 months ago) by niro
File size: 2636 byte(s)
Tue May 8 20:52:56 2007 UTC (17 years, 4 months ago) by niro
File size: 2636 byte(s)
-import
1 | This fixes a few issues with update_mtab(): |
2 | - If it is a remount, and only mnt_opts needs updating, mc->m.mnt_opts is set |
3 | to point to instead->mnt_opts, rather than allocating a new string, which |
4 | would cause a double free if the caller actually freed the passed mnt_opts, |
5 | as we free mc->m.mnt_opts before returning to the caller. |
6 | - Mostly the same issue as above. If mtab does not contain the new entry, then |
7 | absent->m is set to point to instead, which would have cause a double free |
8 | if absent was inserted properly into the linked list, since we free all |
9 | elements of absent before returning to the caller. |
10 | - If mtab does not contain the new entry, then only mc0->prev is updated to |
11 | point to absent, but not the old mc0->prev's nxt pointer. Because we then |
12 | use the nxt pointers to write the new mtab, absent is not added to the new |
13 | mtab. |
14 | - If mtab is empty, absent->prev should be set to mc0, and not mc0->prev, as |
15 | it will be NULL. |
16 | - Memory leak if we have to abort before mc0 and co are freed. |
17 | |
18 | Patch by Martin Schlemmer <azarah@gentoo.org> |
19 | |
20 | |
21 | --- util-linux-2.12q/mount/fstab.c 2005-09-14 15:30:10.000000000 +0200 |
22 | +++ util-linux-2.12q.az/mount/fstab.c 2005-09-14 15:31:48.000000000 +0200 |
23 | @@ -604,15 +604,32 @@ update_mtab (const char *dir, struct my_ |
24 | free(mc); |
25 | } |
26 | } else { |
27 | - /* A remount */ |
28 | - mc->m.mnt_opts = instead->mnt_opts; |
29 | + /* A remount. */ |
30 | + my_free(mc->m.mnt_opts); |
31 | + /* Need to alloc memory, else we might |
32 | + * run into issues if both we and the caller frees |
33 | + * mnt_opts ... */ |
34 | + mc->m.mnt_opts = xstrdup(instead->mnt_opts); |
35 | } |
36 | } else if (instead) { |
37 | /* not found, add a new entry */ |
38 | absent = xmalloc(sizeof(*absent)); |
39 | - absent->m = *instead; |
40 | + /* Cannot just set absent->m to instead, as we free absent |
41 | + * below, and the caller might free instead */ |
42 | + absent->m.mnt_fsname = xstrdup(instead->mnt_fsname); |
43 | + absent->m.mnt_dir = xstrdup(instead->mnt_dir); |
44 | + absent->m.mnt_type = xstrdup(instead->mnt_type); |
45 | + absent->m.mnt_opts = xstrdup(instead->mnt_opts); |
46 | + absent->m.mnt_freq = instead->mnt_freq; |
47 | + absent->m.mnt_passno = instead->mnt_passno; |
48 | + |
49 | absent->nxt = mc0; |
50 | - absent->prev = mc0->prev; |
51 | + if (mc0->prev != NULL) { |
52 | + absent->prev = mc0->prev; |
53 | + mc0->prev->nxt = absent; |
54 | + } else { |
55 | + absent->prev = mc0; |
56 | + } |
57 | mc0->prev = absent; |
58 | if (mc0->nxt == NULL) |
59 | mc0->nxt = absent; |
60 | @@ -624,6 +641,8 @@ update_mtab (const char *dir, struct my_ |
61 | int errsv = errno; |
62 | error (_("cannot open %s (%s) - mtab not updated"), |
63 | MOUNTED_TEMP, strerror (errsv)); |
64 | + /* Do not leak memory */ |
65 | + discard_mntentchn(mc0); |
66 | goto leave; |
67 | } |
68 |