svn commit: trunk/busybox/util-linux
landley at busybox.net
Tue Jan 10 05:30:31 UTC 2006
Author: landley
Date: 2006-01-09 21:30:28 -0800 (Mon, 09 Jan 2006)
New Revision: 13216
Log:
With -a, the jump to mount_it_now can skip the initialization of f, and
if we don't zero it after closing it we re-close a filehandle that isn't
open, and since this is a file _pointer_ it segfaults on a double free.
Yeah, subtle bug. I need to break this out into separate functions if I can
figure out how to avoid making the code larger while doing so. Part of
the general -a and -o remount work I need to do, but that's after 1.1.0...
Modified:
trunk/busybox/util-linux/mount.c
Changeset:
Modified: trunk/busybox/util-linux/mount.c
===================================================================
--- trunk/busybox/util-linux/mount.c 2006-01-10 02:37:20 UTC (rev 13215)
+++ trunk/busybox/util-linux/mount.c 2006-01-10 05:30:28 UTC (rev 13216)
@@ -327,8 +327,11 @@
}
if(!rc || !f) break;
}
- if(f) fclose(f);
- if(!f || !rc) break;
+ if(!f) break;
+ fclose(f);
+ // goto mount_it_now with -a can jump past the initialization
+ f=0;
+ if(!rc) break;
}
/* If the mount was successful, and we're maintaining an old-style
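Review bot: The `f=0;` reset after `fclose(f)` only covers passes that come after a close. The new comment says the `goto mount_it_now` taken with -a can jump past the initialization of f, so on the first such pass `if(!f) break;` tests whatever value f was declared with, and the declaration is not visible in this hunk. Please confirm f is set to a null pointer where it is declared, or add that, so the test is well defined on every path into this block. Two style points on the added lines: `f=0;` reads more clearly as `f=NULL;` for a file pointer, and the new `//` comment differs from the `/* */` comment style used in the context line right after the hunk.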