Scott Rotondo <[EMAIL PROTECTED]> wrote:
> Joerg Schilling wrote:
> > Juergen Keil <[EMAIL PROTECTED]> wrote:
> >
> >> Hmm, in usr/src/uts/common/fs/hsfs/hsfs_vfsops.c function hs_mountfs(),
> >> whenever we use one of the first three |goto cleanup|, the local variables
> >> |svp| and |jvp| are uninitialized. That should corrupt the kernel heap
> >> when we kmem_free() with an uninitialized stack lock pointer in the
> >> cleanup section ...
> >>
> >>
> >>
> >> struct hs_volume *svp; /* Supplemental VD for ISO-9660:1999 */
> >> struct hs_volume *jvp; /* Joliet VD */
> >>
> >
> > I have to admit that I am responsible for the uninitialized Joliet VD
> > pointer.
> > Duplicating code is simple and in this case even passed 4 !!!! code reviews.
> >
> > Does it help to initialize the pointers to NULL?
> >
>
> Sure. This code
>
>     if (fsp)
>         kmem_free(fsp, sizeof (*fsp));
>     if (svp)
>         kmem_free(svp, sizeof (*svp));
>     if (jvp)
>         kmem_free(jvp, sizeof (*jvp));
>
> will behave very differently if those pointers are NULL rather than
> uninitialized.
????
I was interested in a useful reply for the OP case....
Did you run a test with the original filesystem, or what would you like to tell us
here?
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
_______________________________________________
opensolaris-discuss mailing list
[email protected]
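The defect discussed in the thread is a C cleanup-label pattern: locals that are only assigned on later steps are tested and freed at a shared `cleanup:` label, so any `goto cleanup` taken before the assignment frees an indeterminate stack value. The following is an added user-space model of that pattern, not code from the thread or from the hsfs source. The structs, the `sim_kmem_alloc`/`sim_kmem_free` stand-ins built on `calloc()`/`free()`, and the `fail_step` selector are constructed for the example; it shows the corrected form, where all three pointers are initialized to `NULL` at declaration so that the cleanup section is correct regardless of which `goto` is taken.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for the kernel structures named in the thread. */
struct hsfs      { int placeholder; };
struct hs_volume { int placeholder; };

/* Counters let a caller verify that every allocation is matched by a free. */
static int sim_allocs, sim_frees;

static void *sim_kmem_alloc(size_t n) { sim_allocs++; return calloc(1, n); }
static void  sim_kmem_free(void *p)   { sim_frees++;  free(p); }

/*
 * Model of hs_mountfs(): fail_step selects which step fails
 * (1 = before any allocation, 2 = after fsp only, 3 = after all three,
 * 0 = no failure). Returns 0 on success, -1 on failure.
 *
 * The original bug: svp and jvp were declared without an initializer, so a
 * goto taken before their assignment made "if (svp) kmem_free(svp, ...)"
 * operate on whatever happened to be on the stack. Initializing all three
 * pointers to NULL at declaration is the fix; the cleanup code then frees
 * exactly what was allocated on every path.
 */
int mount_sim(int fail_step)
{
    struct hsfs      *fsp = NULL;
    struct hs_volume *svp = NULL;   /* Supplemental VD */
    struct hs_volume *jvp = NULL;   /* Joliet VD */
    int error = 0;

    if (fail_step == 1) {           /* first goto: nothing allocated yet */
        error = -1;
        goto cleanup;
    }
    fsp = sim_kmem_alloc(sizeof (*fsp));
    if (fail_step == 2) {           /* second goto: only fsp allocated */
        error = -1;
        goto cleanup;
    }
    svp = sim_kmem_alloc(sizeof (*svp));
    jvp = sim_kmem_alloc(sizeof (*jvp));
    if (fail_step == 3) {           /* third goto: all three allocated */
        error = -1;
        goto cleanup;
    }
    /* The real driver hands the structures to the vfs here; the model just
     * falls through and releases them via the same cleanup section. */

cleanup:
    if (fsp)
        sim_kmem_free(fsp);
    if (svp)
        sim_kmem_free(svp);
    if (jvp)
        sim_kmem_free(jvp);
    return error;
}

/* Runs one scenario and returns how many allocations were left unfreed. */
int leaked_after(int fail_step)
{
    sim_allocs = sim_frees = 0;
    (void) mount_sim(fail_step);
    return sim_allocs - sim_frees;
}

/* Runs one scenario and returns how many allocations it performed. */
int allocs_for(int fail_step)
{
    sim_allocs = sim_frees = 0;
    (void) mount_sim(fail_step);
    return sim_allocs;
}

int main(void)
{
    int step;
    for (step = 0; step <= 3; step++)
        printf("fail_step %d: allocs=%d leaked=%d\n",
            step, allocs_for(step), leaked_after(step));
    return 0;
}
```

The uninitialized variant is not modelled because freeing an indeterminate pointer is undefined behaviour and cannot be exercised deterministically; in a kernel it is the kind of fault the allocator's debug modes (on Solaris, `kmem_flags` set in `/etc/system`) are meant to surface, and the checks worth keeping in a code review are exactly the ones this model asserts: each `goto cleanup` path releases precisely the allocations made before it.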