sbrabec/util-linux
SHA256
1
0
Fork 0
forked from pool/util-linux
Code Pull Requests Activity
2bf68516b3
util-linux/util-linux-libmount-umount-a-segfault.patch

35 lines
1.0 KiB
Diff
Raw Normal View History

Accepting request 621187 from SUSE:SLE-15:GA bsc#1091164 bsc#1072947 bsc#1080740 boo#1100255 OBS-URL: https://build.opensuse.org/request/show/621187 OBS-URL: https://build.opensuse.org/package/show/Base:System/util-linux?expand=0&rev=376
2018-07-09 18:37:09 +02:00
From f958101d2ea55174f8cd584efe41d4cefa9578c6 Mon Sep 17 00:00:00 2001
From: Richard Fuchs <rfuchs@sipwise.com>
Date: Tue, 17 Apr 2018 09:40:20 -0400
Subject: [PATCH] bugfix: fix possible segfault during umount -a
mnt_context_get_mtab() doesn't set its return **tb argument on error,
and so in mnt_context_next_umount() mtab will remain uninitialized on
error, later resulting in cxt->mtab containing garbage, possibly
resulting in segfault on exit.
---
libmount/src/context_umount.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libmount/src/context_umount.c b/libmount/src/context_umount.c
index 45651b58e..240ec3be6 100644
--- a/libmount/src/context_umount.c
+++ b/libmount/src/context_umount.c
@@ -1003,11 +1003,12 @@ int mnt_context_next_umount(struct libmnt_context *cxt,
rc = mnt_context_get_mtab(cxt, &mtab);
cxt->mtab = NULL; /* do not reset mtab */
mnt_reset_context(cxt);
- cxt->mtab = mtab;
if (rc)
return rc;
+ cxt->mtab = mtab;
+
do {
rc = mnt_table_next_fs(mtab, itr, fs);
if (rc != 0)
--
2.16.3
Copy Permalink