Bug #753
closed
patch to fix issue 739
Description
Hello,
I reckon the following patch fixes http://bugs.dragonflybsd.org/issue739.
I couldn't reproduce the issue, so I simply rebuilt the kernel to test
this patch.
When the collision occurs in deget(), the newly created vnode (nvp) is
destroyed.
At this point, nvp->v_data does not yet point to the denode (ldep) and is
presumably NULL, so when nvp->v_data is dereferenced in msdosfs_inactive()
(dep->de_name0 == SLOT_DELETED), the kernel takes a fault.
The patch simply checks that dep is not NULL before dereferencing it. This
mimics what is done in ufs_inactive() and is documented in
http://www.dragonflybsd.org/cvsweb/src/sys/vfs/ufs/ufs_ihash.c?r1=1.12.
Cheers,
Nicolas
Index: msdosfs_denode.c
===================================================================
RCS file: /home/dcvs/src/sys/vfs/msdosfs/msdosfs_denode.c,v
retrieving revision 1.29
diff u -r1.29 msdosfs_denode.c msdosfs_denode.c 14 Jun 2007 02:55:27 -0000 1.29
--
+++ msdosfs_denode.c 29 Jul 2007 19:11:05 -0000@ -698,7 +698,7
@
/*
* Ignore denodes related to stale file handles.
*/
- if (dep->de_Name0 SLOT_DELETED)
+ if (dep NULL || dep->de_Name0 == SLOT_DELETED)
goto out;
/*
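Review bot: the comment above the changed condition still reads "Ignore denodes related to stale file handles." and does not cover the NULL case added on the `+` line. Extend it to say that dep can be NULL when the vnode is destroyed before v_data was set, as in the deget() collision described in the report. Since a NULL dep now takes the `goto out` path, also confirm that nothing after the out label, which this hunk does not show, dereferences dep.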
Updated by corecode over 18 years ago
Please follow up on the specific issue in the future. This way your feedback will be added to the trail.
thanks
simon
Updated by corecode over 18 years ago
Thanks for your patch! Committed by dillon@