This is an automated email from the ASF dual-hosted git repository.

davids5 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git


The following commit(s) were added to refs/heads/master by this push:
     new bf06776  fs/vfs: reuse file_dup2 directly in file_dup to fix segfault 
issue
bf06776 is described below

commit bf06776f7cb2bcf74567f92de3e16c58c88cb92e
Author: liuhaitao <[email protected]>
AuthorDate: Tue Sep 8 14:13:49 2020 +0800

    fs/vfs: reuse file_dup2 directly in file_dup to fix segfault issue
    
    Otherwise, closing the fd2 returned by dup() would cause a segmentation
    fault because of a NULL filep->f_priv access.
    
    Change-Id: I285c86f54bbb486d6c2c5aea53952f69083dca72
    Signed-off-by: liuhaitao <[email protected]>
---
 fs/vfs/fs_dupfd.c | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/fs/vfs/fs_dupfd.c b/fs/vfs/fs_dupfd.c
index d8bd080..5364bde 100644
--- a/fs/vfs/fs_dupfd.c
+++ b/fs/vfs/fs_dupfd.c
@@ -50,13 +50,14 @@
  *   accepts a struct file instance instead of a file descriptor.
  *
  * Returned Value:
- *   Zero (OK) is returned on success; a negated errno value is returned on
- *   any failure.
+ *   The new file descriptor is returned on success; a negated errno value
+ *   is returned on any failure.
  *
  ****************************************************************************/
 
 int file_dup(FAR struct file *filep, int minfd)
 {
+  FAR struct file *filep2;
   int fd2;
   int ret;
 
@@ -67,21 +68,26 @@ int file_dup(FAR struct file *filep, int minfd)
       return -EBADF;
     }
 
-  /* Increment the reference count on the contained inode */
+  /* Then allocate a new file descriptor for the inode */
+
+  fd2 = files_allocate(NULL, 0, 0, minfd);
+  if (fd2 < 0)
+    {
+      return -EMFILE;
+    }
 
-  ret = inode_addref(filep->f_inode);
+  ret = fs_getfilep(fd2, &filep2);
   if (ret < 0)
     {
+      files_release(fd2);
       return ret;
     }
 
-  /* Then allocate a new file descriptor for the inode */
-
-  fd2 = files_allocate(filep->f_inode, filep->f_oflags, filep->f_pos, minfd);
-  if (fd2 < 0)
+  ret = file_dup2(filep, filep2);
+  if (ret < 0)
     {
-      inode_release(filep->f_inode);
-      return -EMFILE;
+      files_release(fd2);
+      return ret;
     }
 
   return fd2;
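Review bot: The slot for fd2 is obtained with `files_allocate(NULL, 0, 0, minfd)` and only populated afterwards by `file_dup2(filep, filep2)`, so between those two calls fd2 names a file structure with no inode. If files_allocate() recognises a free slot by its NULL inode (its body is not visible in this hunk), a concurrent allocation in the same task group could be handed the same slot, and the two descriptors would then share one entry and interfere with each other's close. It is worth confirming that the file-list lock covers the whole allocate-then-populate sequence, and recording the assumption above the call, e.g. `/* fd2 is only a placeholder until file_dup2() fills it in; the slot must not be reallocated before then */`. Both error paths call `files_release(fd2)`, so it should also be checked that this is safe on a slot file_dup2() may have partly initialised before failing. The body of file_dup begins in the previous hunk.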
@@ -95,8 +101,8 @@ int file_dup(FAR struct file *filep, int minfd)
  *   value greater than or equal to 'minfd').
  *
  * Returned Value:
- *   Zero (OK) is returned on success; a negated errno value is returned on
- *   any failure.
+ *   The new file descriptor is returned on success; a negated errno value
+ *   is returned on any failure.
  *
  ****************************************************************************/
 
