diskfs_make_peropen is dangerous in the same way that
diskfs_make_protid was: it is too easy to not check the return value.
In fact, there is not one place in the source that we do. This patch
changes that in the same way that we changed diskfs_make_protid last
April, i.e. from:
struct peropen *diskfs_make_peropen (struct node *np, int flags,
struct peropen *context);
to:
error_t
diskfs_make_peropen (struct node *np, int flags,
struct peropen *context, struct peropen **ppo);
Shall I apply it?
Here is the change log entry:
2002-03-25 Neal H Walfield <[EMAIL PROTECTED]>
* peropen-make.c (diskfs_make_peropen): Instead of returning the
peropen, return as error_t and return the peropen in the new
parameter *PPO.
* diskfs.h (diskfs_make_peropen): Change declaration to reflect
new semantics.
* boot-start.c (diskfs_start_bootstrap): Check the return value of
diskfs_make_peropen using the new semantics.
(diskfs_S_exec_startup_get_info): Likewise.
(diskfs_execboot_fsys_startup): Likewise.
(diskfs_S_fsys_init): Likewise.
* dir-lookup.c (diskfs_S_dir_lookup): Likewise.
* dir-mkfile.c (diskfs_S_dir_mkfile): Likewise.
* file-exec.c (diskfs_S_file_exec): Likewise.
* file-reparent.c (diskfs_S_file_reparent): Likewise.
* fsys-getfile.c (diskfs_S_fsys_getfile): Likewise.
* fsys-getroot.c (diskfs_S_fsys_getroot): Likewise.
* trans-callback.c (_diskfs_translator_callback2_fn): Likewise.
* init-startup.c (diskfs_startup_diskfs): Likewise.
Index: boot-start.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/boot-start.c,v
retrieving revision 1.59
diff -u -p -r1.59 boot-start.c
--- boot-start.c 2 Jan 2002 11:21:53 -0000 1.59
+++ boot-start.c 26 Mar 2002 02:03:02 -0000
@@ -102,12 +102,15 @@ diskfs_start_bootstrap ()
size_t exec_argvlen, exec_envlen;
struct port_info *bootinfo;
struct protid *rootpi;
+ struct peropen *rootpo;
mach_port_t diskfs_exec;
/* Create the port for current and root directory. */
- err = diskfs_create_protid (diskfs_make_peropen (diskfs_root_node,
- O_READ | O_EXEC, 0),
- 0, &rootpi);
+ err = diskfs_make_peropen (diskfs_root_node, O_READ | O_EXEC, 0,
+ &rootpo);
+ assert_perror (err);
+
+ err = diskfs_create_protid (rootpo, 0, &rootpi);
assert_perror (err);
/* Get us a send right to copy around. */
@@ -307,6 +310,7 @@ diskfs_S_exec_startup_get_info (mach_por
mach_port_t rootport;
struct ufsport *upt;
struct protid *rootpi;
+ struct peropen *rootpo;
if (!(upt = ports_lookup_port (diskfs_port_bucket, port,
diskfs_execboot_class)))
@@ -337,10 +341,12 @@ diskfs_S_exec_startup_get_info (mach_por
*intarrayP = NULL;
*intarraylen = 0;
- err = diskfs_create_protid (diskfs_make_peropen (diskfs_root_node,
- O_READ | O_EXEC, 0),
- 0, &rootpi);
+ err = diskfs_make_peropen (diskfs_root_node, O_READ | O_EXEC, 0, &rootpo);
+ assert_perror (err);
+
+ err = diskfs_create_protid (rootpo, 0, &rootpi);
assert_perror (err);
+
rootport = ports_get_right (rootpi);
ports_port_deref (rootpi);
portarray[INIT_PORT_CWDIR] = rootport;
@@ -371,14 +377,16 @@ diskfs_execboot_fsys_startup (mach_port_
enum retry_type retry;
struct port_info *pt;
struct protid *rootpi;
+ struct peropen *rootpo;
mach_port_t rootport;
if (!(pt = ports_lookup_port (diskfs_port_bucket, port,
diskfs_execboot_class)))
return EOPNOTSUPP;
- err = diskfs_create_protid (diskfs_make_peropen (diskfs_root_node, flags, 0),
- 0, &rootpi);
+ err = diskfs_make_peropen (diskfs_root_node, flags, 0, &rootpo);
+ assert_perror (err);
+ err = diskfs_create_protid (rootpo, 0, &rootpi);
assert_perror (err);
rootport = ports_get_send_right (rootpi);
ports_port_deref (rootpi);
@@ -444,6 +452,7 @@ diskfs_S_fsys_init (mach_port_t port,
error_t err;
mach_port_t root_pt;
struct protid *rootpi;
+ struct peropen *rootpo;
pt = ports_lookup_port (diskfs_port_bucket, port, diskfs_initboot_class);
if (!pt)
@@ -534,9 +543,9 @@ diskfs_S_fsys_init (mach_port_t port,
/* Get a port to the root directory to put in the library's
data structures. */
- err = diskfs_create_protid (diskfs_make_peropen (diskfs_root_node,
- O_READ|O_EXEC, 0),
- 0, &rootpi);
+ err = diskfs_make_peropen (diskfs_root_node, O_READ|O_EXEC, 0, &rootpo);
+ assert_perror (err);
+ err = diskfs_create_protid (rootpo, 0, &rootpi);
assert_perror (err);
root_pt = ports_get_send_right (rootpi);
ports_port_deref (rootpi);
Index: dir-lookup.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/dir-lookup.c,v
retrieving revision 1.50
diff -u -p -r1.50 dir-lookup.c
--- dir-lookup.c 4 Jan 2002 02:35:25 -0000 1.50
+++ dir-lookup.c 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/* libdiskfs implementation of fs.defs:dir_lookup
- Copyright (C) 1992,93,94,95,96,97,98,99,2000,01
+ Copyright (C) 1992,93,94,95,96,97,98,99,2000,01,02
Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or
@@ -54,6 +54,7 @@ diskfs_S_dir_lookup (struct protid *dirc
int amt;
int type;
struct protid *newpi;
+ struct peropen *newpo;
if (!dircred)
return EOPNOTSUPP;
@@ -252,10 +253,14 @@ diskfs_S_dir_lookup (struct protid *dirc
error = iohelp_create_empty_iouser (&user);
if (! error)
{
- error =
- diskfs_create_protid (diskfs_make_peropen (dnp, 0,
- dircred->po),
- user, &newpi);
+ error = diskfs_make_peropen (dnp, 0, dircred->po, &newpo);
+ if (! error)
+ {
+ error = diskfs_create_protid (newpo, user, &newpi);
+ if (error)
+ diskfs_release_peropen (newpo);
+ }
+
iohelp_free_iouser (user);
}
@@ -451,11 +456,15 @@ diskfs_S_dir_lookup (struct protid *dirc
&& (fshelp_isowner (&np->dn_stat, dircred->user) == EPERM))
flags &= ~O_NOATIME;
- error =
- diskfs_create_protid (diskfs_make_peropen (np,
- (flags &~OPENONLY_STATE_MODES),
- dircred->po),
- dircred->user, &newpi);
+ error = diskfs_make_peropen (np, (flags &~OPENONLY_STATE_MODES),
+ dircred->po, &newpo);
+
+ if (! error)
+ {
+ error = diskfs_create_protid (newpo, dircred->user, &newpi);
+ if (error)
+ diskfs_release_peropen (newpo);
+ }
if (! error)
{
Index: dir-mkfile.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/dir-mkfile.c,v
retrieving revision 1.17
diff -u -p -r1.17 dir-mkfile.c
--- dir-mkfile.c 6 Mar 2002 09:51:28 -0000 1.17
+++ dir-mkfile.c 26 Mar 2002 02:03:02 -0000
@@ -34,6 +34,7 @@ diskfs_S_dir_mkfile (struct protid *cred
struct node *dnp, *np;
error_t err;
struct protid *newpi;
+ struct peropen *newpo;
if (!cred)
return EOPNOTSUPP;
@@ -68,8 +69,15 @@ diskfs_S_dir_mkfile (struct protid *cred
return err;
flags &= ~OPENONLY_STATE_MODES; /* These bits are all meaningless here. */
- err = diskfs_create_protid (diskfs_make_peropen (np, flags, cred->po),
- cred->user, &newpi);
+
+ err = diskfs_make_peropen (np, flags, cred->po, &newpo);
+ if (! err)
+ {
+ err = diskfs_create_protid (newpo, cred->user, &newpi);
+ if (err)
+ diskfs_release_peropen (newpo);
+ }
+
if (! err)
{
*newnode = ports_get_right (newpi);
Index: diskfs.h
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/diskfs.h,v
retrieving revision 1.93
diff -u -p -r1.93 diskfs.h
--- diskfs.h 5 Mar 2002 01:28:59 -0000 1.93
+++ diskfs.h 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/* Definitions for fileserver helper functions
- Copyright (C) 1994,95,96,97,98,99,2001, 2002 Free Software Foundation, Inc.
+ Copyright (C) 1994,95,96,97,98,99,2001,02 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
@@ -794,18 +794,19 @@ diskfs_end_using_protid_port (struct pro
ports_port_deref (cred);
}
-/* Create and return a new peropen structure on node NP with open
- flags FLAGS. The initial values for the root_parent, shadow_root, and
- shadow_root_parent fields are copied from CONTEXT if it's non-zero,
- otherwise zerod. */
-struct peropen *diskfs_make_peropen (struct node *np, int flags,
- struct peropen *context);
-
/* Called when a protid CRED has no more references. (Because references\
to protids are maintained by the port management library, this is
installed in the clean routines list.) The ports library will
free the structure for us. */
void diskfs_protid_rele (void *arg);
+
+/* Create a new peropen structure on node NP with open flags FLAGS in
+ *PPO. The initial values for the root_parent, shadow_root, and
+ shadow_root_parent fields are copied from CONTEXT if it's non-zero,
+ otherwise they are zeroed. */
+error_t
+diskfs_make_peropen (struct node *np, int flags,
+ struct peropen *context, struct peropen **ppo);
/* Decrement the reference count on a peropen structure. */
void diskfs_release_peropen (struct peropen *po);
Index: file-exec.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/file-exec.c,v
retrieving revision 1.38
diff -u -p -r1.38 file-exec.c
--- file-exec.c 13 May 2001 18:27:33 -0000 1.38
+++ file-exec.c 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/* File execution (file_exec RPC) for diskfs servers, using exec server.
- Copyright (C) 1993,94,95,96,97,98,2000 Free Software Foundation, Inc.
+ Copyright (C) 1993,94,95,96,97,98,2000,02 Free Software Foundation, Inc.
This file is part of the GNU Hurd.
@@ -53,6 +53,7 @@ diskfs_S_file_exec (struct protid *cred,
mode_t mode;
int suid, sgid;
struct protid *newpi;
+ struct peropen *newpo;
error_t err = 0;
mach_port_t execserver;
int cached_exec;
@@ -143,10 +144,15 @@ diskfs_S_file_exec (struct protid *cred,
server can read the executable file. We also include O_EXEC so that
the exec server can turn this peropen into a file descriptor in the
target process and permit it to exec its /dev/fd/N pseudo-file. */
- err = diskfs_create_protid (diskfs_make_peropen (np,
- O_READ|O_EXEC,
- cred->po),
- cred->user, &newpi);
+ {
+ err = diskfs_make_peropen (np, O_READ|O_EXEC, cred->po, &newpo);
+ if (! err)
+ {
+ err = diskfs_create_protid (newpo, cred->user, &newpi);
+ if (err)
+ diskfs_release_peropen (newpo);
+ }
+ }
if (! err)
{
Index: file-reparent.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/file-reparent.c,v
retrieving revision 1.4
diff -u -p -r1.4 file-reparent.c
--- file-reparent.c 13 Apr 1998 19:36:23 -0000 1.4
+++ file-reparent.c 26 Mar 2002 02:03:02 -0000
@@ -1,6 +1,6 @@
/* Reparent a file
- Copyright (C) 1997 Free Software Foundation
+ Copyright (C) 1997,2002 Free Software Foundation
Written by Miles Bader <[EMAIL PROTECTED]>
@@ -30,6 +30,7 @@ diskfs_S_file_reparent (struct protid *c
error_t err;
struct node *node;
struct protid *new_cred;
+ struct peropen *new_po;
if (! cred)
return EOPNOTSUPP;
@@ -37,9 +38,13 @@ diskfs_S_file_reparent (struct protid *c
node = cred->po->np;
mutex_lock (&node->lock);
- err = diskfs_create_protid (diskfs_make_peropen (node, cred->po->openstat,
- cred->po),
- cred->user, &new_cred);
+ err = diskfs_make_peropen (node, cred->po->openstat, cred->po, &new_po);
+ if (! err)
+ {
+ err = diskfs_create_protid (new_po, cred->user, &new_cred);
+ if (err)
+ diskfs_release_peropen (new_po);
+ }
mutex_unlock (&node->lock);
if (! err)
Index: fsys-getfile.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/fsys-getfile.c,v
retrieving revision 1.8
diff -u -p -r1.8 fsys-getfile.c
--- fsys-getfile.c 16 Jun 2001 20:23:09 -0000 1.8
+++ fsys-getfile.c 26 Mar 2002 02:03:02 -0000
@@ -1,6 +1,6 @@
/* Return the file for a given handle (for nfs server support)
- Copyright (C) 1997,99,2001 Free Software Foundation, Inc.
+ Copyright (C) 1997,99,2001,02 Free Software Foundation, Inc.
This file is part of the GNU Hurd.
@@ -39,6 +39,7 @@ diskfs_S_fsys_getfile (mach_port_t fsys,
struct node *node;
const union diskfs_fhandle *f;
struct protid *new_cred;
+ struct peropen *new_po;
struct iouser *user;
struct port_info *pt =
ports_lookup_port (diskfs_port_bucket, fsys, diskfs_control_class);
@@ -86,8 +87,13 @@ diskfs_S_fsys_getfile (mach_port_t fsys,
&& ! diskfs_check_readonly ())
flags |= O_WRITE;
- err = diskfs_create_protid (diskfs_make_peropen (node, flags, 0),
- user, &new_cred);
+ err = diskfs_make_peropen (node, flags, 0, &new_po);
+ if (! err)
+ {
+ err = diskfs_create_protid (new_po, user, &new_cred);
+ if (err)
+ diskfs_release_peropen (new_po);
+ }
iohelp_free_iouser (user);
Index: fsys-getroot.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/fsys-getroot.c,v
retrieving revision 1.37
diff -u -p -r1.37 fsys-getroot.c
--- fsys-getroot.c 5 Mar 2002 01:28:59 -0000 1.37
+++ fsys-getroot.c 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/*
- Copyright (C) 1993,94,95,96,97,98, 2002 Free Software Foundation
+ Copyright (C) 1993,94,95,96,97,98,2002 Free Software Foundation
This file is part of the GNU Hurd.
@@ -45,6 +45,7 @@ diskfs_S_fsys_getroot (fsys_t controlpor
error_t error = 0;
mode_t type;
struct protid *newpi;
+ struct peropen *newpo;
struct iouser user;
struct peropen peropen_context =
{
@@ -176,10 +177,14 @@ diskfs_S_fsys_getroot (fsys_t controlpor
flags &= ~OPENONLY_STATE_MODES;
- error =
- diskfs_create_protid (diskfs_make_peropen (diskfs_root_node, flags,
- &peropen_context),
- &user, &newpi);
+ error = diskfs_make_peropen (diskfs_root_node, flags,
+ &peropen_context, &newpo);
+ if (! error)
+ {
+ error = diskfs_create_protid (newpo, &user, &newpi);
+ if (error)
+ diskfs_release_peropen (newpo);
+ }
mach_port_deallocate (mach_task_self (), dotdot);
Index: init-startup.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/init-startup.c,v
retrieving revision 1.28
diff -u -p -r1.28 init-startup.c
--- init-startup.c 15 Apr 2001 22:44:00 -0000 1.28
+++ init-startup.c 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/* diskfs_startup_diskfs -- advertise our fsys control port to our parent FS.
- Copyright (C) 1994, 1995, 1996, 1998, 1999, 2000 Free Software Foundation
+ Copyright (C) 1994,95,96,98,99,2000,02 Free Software Foundation
This file is part of the GNU Hurd.
@@ -42,6 +42,7 @@ diskfs_startup_diskfs (mach_port_t boots
and treat that as the root of the filesystem. */
struct node *np, *old;
struct protid *rootpi;
+ struct peropen *rootpo;
/* Skip leading slashes. */
while (*_diskfs_chroot_directory == '/')
@@ -50,9 +51,10 @@ diskfs_startup_diskfs (mach_port_t boots
mutex_lock (&diskfs_root_node->lock);
/* Create a protid we can use in diskfs_lookup. */
- err = diskfs_create_protid (diskfs_make_peropen (diskfs_root_node,
- O_READ|O_EXEC, 0),
- 0, &rootpi);
+ err = diskfs_make_peropen (diskfs_root_node, O_READ|O_EXEC,
+ 0, &rootpo);
+ assert_perror (err);
+ err = diskfs_create_protid (rootpo, 0, &rootpi);
assert_perror (err);
/* Look up the directory name. */
Index: peropen-make.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/peropen-make.c,v
retrieving revision 1.14
diff -u -p -r1.14 peropen-make.c
--- peropen-make.c 1 Apr 2001 01:39:47 -0000 1.14
+++ peropen-make.c 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/*
- Copyright (C) 1994, 1997, 1999, 2001 Free Software Foundation
+ Copyright (C) 1994,97,99,2001,02 Free Software Foundation
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
@@ -20,13 +20,14 @@
/* Create and return a new peropen structure on node NP with open
flags FLAGS. */
-struct peropen *
-diskfs_make_peropen (struct node *np, int flags, struct peropen *context)
+error_t
+diskfs_make_peropen (struct node *np, int flags, struct peropen *context,
+ struct peropen **ppo)
{
- struct peropen *po = malloc (sizeof (struct peropen));
+ struct peropen *po = *ppo = malloc (sizeof (struct peropen));
if (! po)
- return NULL;
+ return ENOMEM;
po->filepointer = 0;
po->lock_status = LOCK_UN;
@@ -59,5 +60,5 @@ diskfs_make_peropen (struct node *np, in
diskfs_nref (np);
- return po;
+ return 0;
}
Index: trans-callback.c
===================================================================
RCS file: /cvsroot/hurd/hurd/libdiskfs/trans-callback.c,v
retrieving revision 1.16
diff -u -p -r1.16 trans-callback.c
--- trans-callback.c 16 Jun 2001 20:23:09 -0000 1.16
+++ trans-callback.c 26 Mar 2002 02:03:02 -0000
@@ -1,5 +1,5 @@
/*
- Copyright (C) 1995,96,97,98,2001 Free Software Foundation, Inc.
+ Copyright (C) 1995,96,97,98,2001,02 Free Software Foundation, Inc.
Written by Michael I. Bushnell.
This file is part of the GNU Hurd.
@@ -54,6 +54,7 @@ _diskfs_translator_callback2_fn (void *c
{
struct node *np = cookie1;
struct protid *cred;
+ struct peropen *po;
error_t err;
struct iouser *user;
@@ -62,11 +63,16 @@ _diskfs_translator_callback2_fn (void *c
if (err)
return err;
- err =
- diskfs_create_protid (diskfs_make_peropen (np, flags, cookie2),
- user, &cred);
+ err = diskfs_make_peropen (np, flags, cookie2, &po);
+ if (! err)
+ {
+ err = diskfs_create_protid (po, user, &cred);
+ if (err)
+ diskfs_release_peropen (po);
+ }
iohelp_free_iouser (user);
+
if (! err)
{
*underlying = ports_get_right (cred);
_______________________________________________
Bug-hurd mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-hurd
