This series fixes potential memory/fd leaks in 9pfs and a crash when

running tests/virtio-9p-test on SPARC hosts.
 -----BEGIN PGP SIGNATURE-----
 
 iEYEABECAAYFAljaIlUACgkQAvw66wEB28KzKQCfZRTq74rKjFUv20D0ur+8qHb5
 iFwAn12UyalKt14ztoKRGyfGyYZjWe13
 =XeLy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

This series fixes potential memory/fd leaks in 9pfs and a crash when
running tests/virtio-9p-test on SPARC hosts.

# gpg: Signature made Tue 28 Mar 2017 09:44:05 BST
# gpg:                using DSA key 0x02FC3AEB0101DBC2
# gpg: Good signature from "Greg Kurz <groug@kaod.org>"
# gpg:                 aka "Greg Kurz <groug@free.fr>"
# gpg:                 aka "Greg Kurz <gkurz@linux.vnet.ibm.com>"
# gpg:                 aka "Gregory Kurz (Groug) <groug@free.fr>"
# gpg:                 aka "[jpeg image of size 3330]"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2BD4 3B44 535E C0A7 9894  DBA2 02FC 3AEB 0101 DBC2

* remotes/gkurz/tags/for-upstream:
  tests/virtio-9p-test: Don't call le*_to_cpus on fields of packed struct
  9pfs: fix file descriptor leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Peter Maydell 2017-03-28 09:48:23 +01:00
commit 8c9ee217f0
2 changed files with 10 additions and 2 deletions

View File

@ -1550,6 +1550,10 @@ static void coroutine_fn v9fs_lcreate(void *opaque)
err = -ENOENT; err = -ENOENT;
goto out_nofid; goto out_nofid;
} }
if (fidp->fid_type != P9_FID_NONE) {
err = -EINVAL;
goto out;
}
flags = get_dotl_openflags(pdu->s, flags); flags = get_dotl_openflags(pdu->s, flags);
err = v9fs_co_open2(pdu, fidp, &name, gid, err = v9fs_co_open2(pdu, fidp, &name, gid,
@ -2153,6 +2157,10 @@ static void coroutine_fn v9fs_create(void *opaque)
err = -EINVAL; err = -EINVAL;
goto out_nofid; goto out_nofid;
} }
if (fidp->fid_type != P9_FID_NONE) {
err = -EINVAL;
goto out;
}
if (perm & P9_STAT_MODE_DIR) { if (perm & P9_STAT_MODE_DIR) {
err = v9fs_co_mkdir(pdu, fidp, &name, perm & 0777, err = v9fs_co_mkdir(pdu, fidp, &name, perm & 0777,
fidp->uid, -1, &stbuf); fidp->uid, -1, &stbuf);

View File

@ -256,8 +256,8 @@ static void v9fs_req_recv(P9Req *req, uint8_t id)
qvirtio_wait_queue_isr(v9p->dev, v9p->vq, 1000 * 1000); qvirtio_wait_queue_isr(v9p->dev, v9p->vq, 1000 * 1000);
v9fs_memread(req, &hdr, 7); v9fs_memread(req, &hdr, 7);
le32_to_cpus(&hdr.size); hdr.size = ldl_le_p(&hdr.size);
le16_to_cpus(&hdr.tag); hdr.tag = lduw_le_p(&hdr.tag);
if (hdr.size >= 7) { if (hdr.size >= 7) {
break; break;
} }