[PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Ajay Rajera]

This patch fixes two error-handling bugs in erofs-utils:

1. fuse: add missing return on getattr error
erofsfuse_getattr() calls fuse_reply_err() when erofs_read_inode_from_disk()
fails, but does not return afterwards. This causes the function to fall through
to erofsfuse_fill_stat() with uninitialized inode data and then call
fuse_reply_attr(), sending a second reply to the same FUSE request. This triggers
undefined behavior in libfuse and exposes garbage values.

2. lib: fix memory leak in erofs_gzran_builder_init error path
When inflateInit2() fails, erofs_gzran_builder_init() returns an ERR_PTR(-EFAULT)
but forgets to free the previously allocated erofs_gzran_builder struct (gb),
resulting in a memory leak.

Signed-off-by: Ajay Rajera <newajay.11r@gmail.com>
---
 fuse/main.c | 4 +++-
 lib/gzran.c | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/fuse/main.c b/fuse/main.c
index 82aca8c..b634782 100644
--- a/fuse/main.c
+++ b/fuse/main.c
@@ -265,8 +265,10 @@ static void erofsfuse_getattr(fuse_req_t req, fuse_ino_t ino,
 	struct erofs_inode vi = { .sbi = &g_sbi, .nid = erofsfuse_to_nid(ino) };
 
 	ret = erofs_read_inode_from_disk(&vi);
-	if (ret < 0)
+	if (ret < 0) {
 		fuse_reply_err(req, -ret);
+		return;
+	}
 
 	erofsfuse_fill_stat(&vi, &stbuf);
 	stbuf.st_ino = ino;
diff --git a/lib/gzran.c b/lib/gzran.c
index dffb20a..8a01825 100644
--- a/lib/gzran.c
+++ b/lib/gzran.c
@@ -50,8 +50,10 @@ struct erofs_gzran_builder *erofs_gzran_builder_init(struct erofs_vfile *vf,
 	strm->avail_in = 0;
 	strm->next_in = Z_NULL;
 	ret = inflateInit2(strm, 47);	/* automatic zlib or gzip decoding */
-	if (ret != Z_OK)
+	if (ret != Z_OK) {
+		free(gb);
 		return ERR_PTR(-EFAULT);
+	}
 	gb->vf = vf;
 	gb->span_size = span_size;
 	gb->totout = gb->totin = 0;
-- 
2.51.0.windows.1

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Nithurshen]

Hi Ajay,

I will test and verify this patch shortly.
But, can you please send a v2 of this in two sperate patches with a
cover letter, as both of your changes are completely unrelated to each
other.

Thanks and Regards
Nithurshen

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Ajay Rajera]

Yeah, I know that both changes are not related but the fixes are small
so I did it in just one patch.
Thanks, Ajay.

On Fri, 20 Mar 2026 at 22:34, Nithurshen <nithurshen.dev@gmail.com> wrote:
>
> Hi Ajay,
>
> I will test and verify this patch shortly.
> But, can you please send a v2 of this in two sperate patches with a
> cover letter, as both of your changes are completely unrelated to each
> other.
>
> Thanks and Regards
> Nithurshen

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Nithurshen Karthikeyan]

On Fri, Mar 20, 2026 at 10:50 PM Ajay Rajera <newajay.11r@gmail.com> wrote:
>
> Yeah, I know that both changes are not related but the fixes are small
> so I did it in just one patch.

It is not about the size of the patch. Since, there are technically two
changes that we have to test, it is a hard requirement for each patch
to be atomic.
Only then, we can verify each change individually, and give a
review.

Thanks
Nithurshen

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Nithurshen]

Hi Xiang,

Both the patches LGTM.

I tested the missing return by truncating an image to force an I/O 
error, and the FUSE daemon now correctly aborts instead of hanging. 
I also dynamically tested the memory leak fix using Valgrind with a 
10MB file and an injected Z_STREAM_ERROR, confirming 0 bytes lost.

The only note is that this should be sent as 2 separate patches in 
the same thread.

Reviewed-by: Nithurshen <nithurshen.dev@gmail.com>
Tested-by: Nithurshen <nithurshen.dev@gmail.com>

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Gao Xiang]

On 2026/3/21 13:07, Nithurshen wrote:
> Hi Xiang,
> 
> Both the patches LGTM.

I only see one patch here, if they are unrelated, please seperate
nto two patches intead.

> 
> I tested the missing return by truncating an image to force an I/O
> error, and the FUSE daemon now correctly aborts instead of hanging.

It seems the first one can be formed into a testcase
in experimental-tests?


> I also dynamically tested the memory leak fix using Valgrind with a
> 10MB file and an injected Z_STREAM_ERROR, confirming 0 bytes lost.
> 
> The only note is that this should be sent as 2 separate patches in
> the same thread.
> 
> Reviewed-by: Nithurshen <nithurshen.dev@gmail.com>
> Tested-by: Nithurshen <nithurshen.dev@gmail.com>

Thanks for the test.

Thanks,
Gao Xiang

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Nithurshen]

Hi Xiang,

Thanks for the suggestion.

I have started working on formalizing the truncated image
scenario into a test case for experimental-tests. I'll 
implement it so that we can automate the image corruption
and verify the FUSE daemon's error-handling behavior in
future.

Since there is already a test-case I sent with code 028,
is it okay if I send this one with 029?

I will send the patch for the test case shortly.

Thanks and Regards,
Nithurshen

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Gao Xiang]

On 2026/3/21 15:15, Nithurshen wrote:
> Hi Xiang,
> 
> Thanks for the suggestion.
> 
> I have started working on formalizing the truncated image
> scenario into a test case for experimental-tests. I'll
> implement it so that we can automate the image corruption
> and verify the FUSE daemon's error-handling behavior in
> future.
> 
> Since there is already a test-case I sent with code 028,
> is it okay if I send this one with 029?

Any number is fine, or just use 99 when submitting.

> 
> I will send the patch for the test case shortly.
> 
> Thanks and Regards,
> Nithurshen

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Nithurshen Karthikeyan]

On Sat, Mar 21, 2026 at 7:09 PM Gao Xiang <hsiangkao@linux.alibaba.com> wrote:
>
> Any number is fine, or just use 99 when submitting.

Hi Xiang,

I've just sent out the new test case as erofs/099 in a separate
thread for the experimental-tests repository.

I verified the test logic in a Linux environment; it successfully
triggers a segmentation fault in the unpatched FUSE daemon due to
the double reply, and passes cleanly once Ajay's fix is applied.

Thanks and Regards
Nithurshen

Re: [PATCH] erofs-utils: fix resource leaks and missing returns on error paths

[Ajay Rajera]

Hi,Thanks for the review
I have just sent out a v2 series that splits these into two separate patches.

Best regards,
 Ajay Rajera.

On Sat, 21 Mar 2026 at 10:37, Nithurshen <nithurshen.dev@gmail.com> wrote:
>
> Hi Xiang,
>
> Both the patches LGTM.
>
> I tested the missing return by truncating an image to force an I/O
> error, and the FUSE daemon now correctly aborts instead of hanging.
> I also dynamically tested the memory leak fix using Valgrind with a
> 10MB file and an injected Z_STREAM_ERROR, confirming 0 bytes lost.
>
> The only note is that this should be sent as 2 separate patches in
> the same thread.
>
> Reviewed-by: Nithurshen <nithurshen.dev@gmail.com>
> Tested-by: Nithurshen <nithurshen.dev@gmail.com>