On Tue, Jun 20, 2006 at 06:46:07PM +0200, Bastian Kleineidam wrote:
> When I run xfs_growfs as a normal user, the program crashes.
> /dev/hda1 is my root XFS partition, the uid and gid is 1000.
> ...
> (gdb) run -n /dev/hda1
> Starting program: /usr/sbin/xfs_growfs -n /dev/hda1
> *** glibc detected *** double free or corruption (fasttop): 0x080919f0 ***
> ...
> So error=13 is EACCES - which is understandable since I am not root
> here. The mistake now is that _both_ fs_table_insert() and
> fs_table_initialise_mounts() of libxcmd/paths.c of xfsprogs call free()
> on the dir variable.

Ayup, busted.  Good catch.  Can you try the patch below to see
if it fixes the problem?

thanks.

-- 
Nathan


--- a/xfsprogs/libxcmd/paths.c  2006-06-21 11:30:50.000000000 +1000
+++ b/xfsprogs/libxcmd/paths.c  2006-06-21 10:46:09.620437791 +1000
@@ -105,15 +105,15 @@ fs_table_insert(
 
        datadev = logdev = rtdev = 0;
        if (!fs_device_number(dir, &datadev, 0))
-               goto error;
+               return errno;
        if (fslog && (fslog = fs_device_number(fslog, &logdev, 1)) == NULL)
-               goto error;
+               return errno;
        if (fsrt && (fsrt = fs_device_number(fsrt, &rtdev, 1)) == NULL)
-               goto error;
+               return errno;
 
        fs_table = realloc(fs_table, sizeof(fs_path_t) * (fs_count + 1));
        if (!fs_table)
-               goto error;
+               return errno;
 
        fs_path = &fs_table[fs_count];
        fs_path->fs_dir = dir;
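Review bot: The context line `fs_table = realloc(fs_table, ...)` writes the result straight back into `fs_table`, so when realloc fails the new `return errno` leaves `fs_table` NULL, leaks the old array, and leaves `fs_count` still describing entries that can no longer be reached. Assign to a temporary first: `tmp = realloc(fs_table, sizeof(fs_path_t) * (fs_count + 1));`, `if (!tmp) return ENOMEM;`, `fs_table = tmp;`. Separately, `return errno` after a failed fs_device_number() only reports failure if that helper always sets errno; its body is not visible here, and a zero return would make the caller treat the entry as inserted and never free the strings. Since this change moves the cleanup to the callers, a comment above fs_table_insert() would pin the contract: `/* On success the table owns dir, fsname, fslog and fsrt; on failure the caller must free them. */`. The function starts before this hunk and ends in the next one.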
@@ -127,13 +127,6 @@ fs_table_insert(
        fs_path->fs_rtdev = rtdev;
        fs_count++;
        return 0;
-
-  error:
-       if (dir) free(dir);
-       if (fsrt) free(fsrt);
-       if (fslog) free(fslog);
-       if (fsname) free(fsname);
-       return errno;
 }
 
 void
@@ -191,8 +184,11 @@ fs_table_initialise_mounts(
 {
        struct mntent   *mnt;
        FILE            *mtp;
-       char            *dir = NULL, *fsname = NULL, *fslog, *fsrt;
-       int             error = 0, found = 0;
+       char            *dir, *fsname, *fslog, *fsrt;
+       int             error, found;
+
+       error = found = 0;
+       dir = fsname = fslog = fsrt = NULL;
 
        if (!mtab_file) {
                mtab_file = PROC_MOUNTS;
@@ -226,8 +222,10 @@ fs_table_initialise_mounts(
        if (!error && path && !found)
                error = ENXIO;
        if (error) {
-               free(dir);
-               free(fsname);
+               if (dir) free(dir);
+               if (fsrt) free(fsrt);
+               if (fslog) free(fslog);
+               if (fsname) free(fsname);
        }
        return error;
 }
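Review bot: The error block now frees `dir`, `fsrt`, `fslog` and `fsname`, but nothing visible clears these locals after a successful fs_table_insert(), which stores `dir` (and presumably the other three) in fs_table. The loop that assigns them is outside this hunk, so this is unconfirmed: if any of them is not reassigned on every iteration, a failure on a later mount entry would free a string the table still references, bringing back the same kind of heap corruption this patch removes. Resetting them once ownership has passed, with `dir = fsname = fslog = fsrt = NULL;` right after the successful insert, would rule that out. The same applies to the error block of the getmntinfo() variant and, for `dir` and `fsname`, to fs_table_initialise_projects(). The `if (p)` guards are redundant, because free(NULL) is a no-op.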
@@ -240,8 +238,11 @@ fs_table_initialise_mounts(
        char            *path)
 {
        struct statfs   *stats;
-       char            *dir = NULL, *fsname = NULL, *fslog = NULL, *fsrt = NULL;
-       int             i, count, found = 0, error = 0;
+       char            *dir, *fsname, *fslog, *fsrt;
+       int             i, count, error, found;
+
+       error = found = 0;
+       dir = fsname = fslog = fsrt = NULL;
 
        if ((count = getmntinfo(&stats, 0)) < 0) {
                perror("getmntinfo");
@@ -270,8 +271,10 @@ fs_table_initialise_mounts(
        if (!error && path && !found)
                error = ENXIO;
        if (error) {
-               free(dir);
-               free(fsname);
+               if (dir) free(dir);
+               if (fsrt) free(fsrt);
+               if (fslog) free(fslog);
+               if (fsname) free(fsname);
        }
        return error;
 }
@@ -339,8 +342,8 @@ fs_table_initialise_projects(
        if (!error && project && !found)
                error = ENOENT;
        if (error) {
-               free(dir);
-               free(fsname);
+               if (dir) free(dir);
+               if (fsname) free(fsname);
        }
        return error;
 }

