|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [mini-os master] Mini-OS: fix 9pfs frontend error path
commit b119f0178fd86876d0678007dfcf435ab8bb7568
Author: Juergen Gross <jgross@xxxxxxxx>
AuthorDate: Wed Feb 7 13:52:13 2024 +0100
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Wed Feb 7 13:52:13 2024 +0100
Mini-OS: fix 9pfs frontend error path
The early error exit in p9_stat() returns without zeroing the p9_stat
buffer, resulting in free() being called with an uninitialized pointer.
Fix that by calling free_stat() in p9_stat() in case of returning an
error and potentially having allocated strings.
Reported-by: Julien Grall <julien@xxxxxxx>
Fixes: 2d1dfccd3aa3 ("Mini-OS: add read and write support to 9pfsfront")
Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
Reviewed-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>
---
9pfront.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/9pfront.c b/9pfront.c
index 315089b..042879a 100644
--- a/9pfront.c
+++ b/9pfront.c
@@ -728,6 +728,8 @@ static int p9_stat(struct dev_9pfs *dev, uint32_t fid,
struct p9_stat *stat)
&stat->extension, &stat->n_uid, &stat->n_gid, &stat->n_muid);
ret = req->result;
+ if ( ret )
+ free_stat(&stat);
put_free_req(dev, req);
@@ -932,13 +934,13 @@ static int write_9pfs(struct file *file, const void *buf,
size_t nbytes)
if ( f9pfs->append )
{
ret = p9_stat(f9pfs->dev, f9pfs->fid, &stat);
- free_stat(&stat);
if ( ret )
{
errno = EIO;
return -1;
}
file->offset = stat.length;
+ free_stat(&stat);
}
ret = p9_write(f9pfs->dev, f9pfs->fid, file->offset, buf, nbytes);
--
generated by git-patchbot for /home/xen/git/mini-os.git#master
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |