[Virtio-fs] [PATCH] Virtiofsd: fix segfault when quit before dev init

[Virtio-fs] [PATCH] Virtiofsd: fix segfault when quit before dev init

[Liu Bo]

From: Eric Ren <renzhen@linux.alibaba.com>

The daemon may bail out early on errors(e.g. in fuse_session_mount), where
it ends up a segfault error.

Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
---
 contrib/virtiofsd/fuse_virtio.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/contrib/virtiofsd/fuse_virtio.c b/contrib/virtiofsd/fuse_virtio.c
index aa94b66..6292e87 100644
--- a/contrib/virtiofsd/fuse_virtio.c
+++ b/contrib/virtiofsd/fuse_virtio.c
@@ -891,6 +891,10 @@ int virtio_session_mount(struct fuse_session *se)
 void virtio_session_close(struct fuse_session *se)
 {
         close(se->vu_socketfd);
+
+        if (!se->virtio_dev)
+                return;
+
         free(se->virtio_dev->qi);
         free(se->virtio_dev);
         se->virtio_dev = NULL;
-- 
1.8.3.1

Re: [Virtio-fs] [PATCH] Virtiofsd: fix segfault when quit before dev init

[piaojun]

Hi liubo and Eric,

This patch looks good to me, and could you help fixing a null pointer
dereference about se->virtio_dev in virtio_session_mount() together?

virtio_session_mount()
- se->virtio_dev = calloc(sizeof(struct fv_VuDev), 1);
- Add a null check after calloc().

Thanks,
Jun

On 2019/8/3 13:28, Liu Bo wrote:
> From: Eric Ren <renzhen@linux.alibaba.com>
> 
> The daemon may bail out early on errors(e.g. in fuse_session_mount), where
> it ends up a segfault error.
> 
> Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
> ---
>  contrib/virtiofsd/fuse_virtio.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/contrib/virtiofsd/fuse_virtio.c b/contrib/virtiofsd/fuse_virtio.c
> index aa94b66..6292e87 100644
> --- a/contrib/virtiofsd/fuse_virtio.c
> +++ b/contrib/virtiofsd/fuse_virtio.c
> @@ -891,6 +891,10 @@ int virtio_session_mount(struct fuse_session *se)
>  void virtio_session_close(struct fuse_session *se)
>  {
>          close(se->vu_socketfd);
> +
> +        if (!se->virtio_dev)
> +                return;
> +
>          free(se->virtio_dev->qi);
>          free(se->virtio_dev);
>          se->virtio_dev = NULL;
> 

Re: [Virtio-fs] [PATCH] Virtiofsd: fix segfault when quit before dev init

[Dr. David Alan Gilbert]

* Liu Bo (bo.liu@linux.alibaba.com) wrote:
> From: Eric Ren <renzhen@linux.alibaba.com>
> 
> The daemon may bail out early on errors(e.g. in fuse_session_mount), where
> it ends up a segfault error.
> 
> Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>


Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

Thanks, added to my world

> ---
>  contrib/virtiofsd/fuse_virtio.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/contrib/virtiofsd/fuse_virtio.c b/contrib/virtiofsd/fuse_virtio.c
> index aa94b66..6292e87 100644
> --- a/contrib/virtiofsd/fuse_virtio.c
> +++ b/contrib/virtiofsd/fuse_virtio.c
> @@ -891,6 +891,10 @@ int virtio_session_mount(struct fuse_session *se)
>  void virtio_session_close(struct fuse_session *se)
>  {
>          close(se->vu_socketfd);
> +
> +        if (!se->virtio_dev)
> +                return;
> +
>          free(se->virtio_dev->qi);
>          free(se->virtio_dev);
>          se->virtio_dev = NULL;
> -- 
> 1.8.3.1
> 
> _______________________________________________
> Virtio-fs mailing list
> Virtio-fs@redhat.com
> https://www.redhat.com/mailman/listinfo/virtio-fs
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK