From: Theodore Ts'o <tytso@mit.edu>
To: Lukas Czerner <lczerner@redhat.com>
Cc: linux-ext4@vger.kernel.org
Subject: Re: [PATCH] e2fsprogs: make ext2fs_free() to set the pointer to NULL
Date: Wed, 19 Feb 2014 12:57:14 -0500 [thread overview]
Message-ID: <20140219175713.GA21436@thunk.org> (raw)
In-Reply-To: <1392810496-9090-1-git-send-email-lczerner@redhat.com>
On Wed, Feb 19, 2014 at 12:48:16PM +0100, Lukas Czerner wrote:
> Currently someone uses ext2fs_free() to free the ext2_filsys structure,
> he is also responsible to set the pointer to that structure to NULL,
> because ext2fs_free() is not able to do that.
>
> This however is in contrast with ext2fs_free_mem() which requires as an
> argument pointer to the pointer and it will in fact set the pointer to
> NULL for us. This is probably the reason why majority of places where we
> use ext2fs_free() does not set the pointer to NULL afterwards.
>
> Fix this by changing function ext2fs_free() so that it'll require
> pointer to the ext2_filsys as an argument and will be able to set the
> pointer to NULL for us.
>
> I do not currently have any way to trigger the issue in recent
> e2fsprogs. Part of the reason is that there are some fixes which just
> obfuscates the real problem (for example
> 7ff040f30f0ff3bf5e2c832da3cb577e00a52d60) and the other part might be
> just coincidence.
>
> I was however able to reproduce this with e2fsprogs 1.42.9 using the
> image in bug https://bugzilla.redhat.com/show_bug.cgi?id=997982. With
> this patch it fixes it. However I am not sure why it got fixed in the
> recent e2fsprogs since git bisect lands into the merge commit - however
> I think it's just a coincidence rather than targeted fix.
>
> Signed-off-by: Lukas Czerner <lczerner@redhat.com>
This results in an ABI change, so if there are any userspace programs
which are linked against the libext2fs shared library, it would break.
So we have two choices:
1) Audit all of the callers of ext2fs_freefs to see if it's necessary
to clear the pointer. If the pointer is about to be overwritten, or
it's on a stack-allocated variable that will disappear as soon as you
return, it's not a problem. Given that your patch had to change every
single ext2fs_free() call stack, it's relatively easy to make sure we
don't miss any. :-)
2) Define a new ext2fs_freefs2() which takes the changed interface.
I'm not entirely convinced that (2) is worth it, but certainly (1)
would be a good thing to do.
It may be that the problem you couldn't replicate in the latest
version of e2fsprogs was one that was fixed either when I did my
periodic valgrind test runs, or as a result of reviewing all of the
coverity warnings.
Cheers,
- Ted
next prev parent reply other threads:[~2014-02-19 17:57 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-19 11:48 [PATCH] e2fsprogs: make ext2fs_free() to set the pointer to NULL Lukas Czerner
2014-02-19 16:49 ` Eric Sandeen
2014-02-19 17:57 ` Theodore Ts'o [this message]
2014-02-20 11:05 ` Lukáš Czerner
2014-02-19 23:39 ` Darrick J. Wong
2014-02-20 11:07 ` Lukáš Czerner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140219175713.GA21436@thunk.org \
--to=tytso@mit.edu \
--cc=lczerner@redhat.com \
--cc=linux-ext4@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.