This could be triggered by auto-mounting a recursive bind mount. Reported by Michael Chapman in: https://bugzilla.redhat.com/1188498 * lib/fts.c (fts_read): Avoid removing the original hash table item when leaving a directory that caused a cycle, and preserve the FTS_DC flag. --- ChangeLog | 9 +++++++++ lib/fts.c | 13 ++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog index c4cb47f..9daa33c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2015-02-11 Kamil Dudka <kdu...@redhat.com> + + fts: avoid crash when a cycle is added while traversing + This could be triggered by auto-mounting a recursive bind mount. + Reported by Michael Chapman in: https://bugzilla.redhat.com/1188498 + * lib/fts.c (fts_read): Avoid removing the original hash table item + when leaving a directory that caused a cycle, and preserve the FTS_DC + flag. + 2015-02-11 Pádraig Brady <p...@draigbrady.com> tests: avoid recent -Werror=unused-variable regression in test-locale diff --git a/lib/fts.c b/lib/fts.c index 5cb4cb0..a5b1741 100644 --- a/lib/fts.c +++ b/lib/fts.c @@ -1091,9 +1091,16 @@ cd_dot_dot: p->fts_errno = errno; SET(FTS_STOP); } - p->fts_info = p->fts_errno ? FTS_ERR : FTS_DP; - if (p->fts_errno == 0) - LEAVE_DIR (sp, p, "3"); + + /* If the directory causes a cycle, preserve the FTS_DC flag and keep + * the corresponding dev/ino pair in the hash table. It is going to be + * removed when leaving the original directory. + */ + if (p->fts_info != FTS_DC) { + p->fts_info = p->fts_errno ? FTS_ERR : FTS_DP; + if (p->fts_errno == 0) + LEAVE_DIR (sp, p, "3"); + } return ISSET(FTS_STOP) ? NULL : p; } -- 2.1.0
