[Libguestfs] [RFC] fuse: mount_local: Fix crash when called from Java binding
Richard W.M. Jones
rjones at redhat.com
Wed May 2 09:34:01 UTC 2018
On Wed, May 02, 2018 at 12:16:32PM +0300, Mykola Ivanets wrote:
> "localmountpoint" parameter is allocated in JNI before calling
> mount_local and freed afterward. But guestfs handle keeps reference
> to passed "localmountpoint" argument and will try to use and free it
> in umount_local which leads to a crash because an attempt to access
> already freed memory region.
>
> It is not easy to fix on JNI side because the code is auto-generated.
> And I don't think it should be fixed there.
> However I doubt this patch is correct because this might lead to memory
> leak for other language bindings or in C library.
>
> I'd like to hear your thoughts how we should proceed in this situation.
> ---
> lib/fuse.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/fuse.c b/lib/fuse.c
> index 9731db962..7df765b81 100644
> --- a/lib/fuse.c
> +++ b/lib/fuse.c
> @@ -1047,7 +1047,7 @@ guestfs_impl_mount_local (guestfs_h *g, const char *localmountpoint,
>
> /* Set g->localmountpoint in the handle. */
> gl_lock_lock (mount_local_lock);
> - g->localmountpoint = localmountpoint;
> + g->localmountpoint = safe_strdup(g, localmountpoint);
^ needs a space before the '('.
> gl_lock_unlock (mount_local_lock);
>
> return 0;
This patch is the right idea, but you also need to call
free (g->localmountpoint);
before all the places in the code where it is set to NULL. And also
in lib/handle.c:guestfs_close.
Thanks,
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top
More information about the Libguestfs
mailing list