Re: libfuse: null-terminate argv (fuse_opt_insert_arg)

Mon, 23 May 2016 09:35:11 -0700 

On Fri, May 20, 2016 at 10:57:10PM +0800, Ray Lai wrote:
> On Thu, 19 May 2016 18:57:50 +0200
> Hiltjo Posthuma <[email protected]> wrote:
> 
> > Hi peoples,
> > 
> > This diff makes sure to NUL-terminate argv when parsing options in libfuse.
> > The upstream/other libfuse does it this way. This fixes an issue with the
> > sysutils/sshfs port, it uses execvp(3) on the fuse_args argv and this gave
> > an error "bad address".
> > 
> > 
> > Index: fuse_opt.c
> > ===================================================================
> > RCS file: /cvs/src/lib/libfuse/fuse_opt.c,v
> > retrieving revision 1.15
> > diff -u -p -r1.15 fuse_opt.c
> > --- fuse_opt.c      19 Oct 2015 17:24:07 -0000      1.15
> > +++ fuse_opt.c      19 May 2016 16:50:39 -0000
> > @@ -353,7 +353,7 @@ fuse_opt_insert_arg(struct fuse_args *ar
> >     if (p < 0 || p > args->argc)
> >             return (-1);
> >  
> > -   av = reallocarray(args->argv, args->argc + 1, sizeof(*av));
> > +   av = reallocarray(args->argv, args->argc + 2, sizeof(*av));
> >     if (av == NULL)
> >             return (-1);
> >  
> > @@ -365,6 +365,7 @@ fuse_opt_insert_arg(struct fuse_args *ar
> >  
> >     args->argc++;
> >     args->argv = av;
> > +   args->argv[args->argc] = NULL;
> >     for (i = p; i < args->argc; i++) {
> >             next_arg = args->argv[i];
> >             args->argv[i] = this_arg;
> > 
> > 
> > [0] upstream libfuse fuse_opt_add_arg:
> >     https://github.com/libfuse/libfuse/blob/master/lib/fuse_opt.c#L62
> > 
> 
> This looks correct, but don't forget about free_argv() and alloc_argv().
> 

I discussed with Ray his concerns of the patch off-list. We agreed there is no
memory leak or invalid use of argv AFAICT.

Can this patch be applied to base libfuse?

-- 
Kind regards,
Hiltjo

Reply via email to