Fork us on GitHub Follow us on Facebook Follow us on Twitter

Changeset 40feeac in mainline


Ignore:
Timestamp:
2017-12-03T22:14:40Z (4 years ago)
Author:
Jiří Zárevúcky <zarevucky.jiri@…>
Branches:
lfn, master
Children:
8e3498b
Parents:
38d150e
Message:

Avoid race condition in vfs_clone().

The file descriptor could have been reallocated between the freeing
and the assigning, which would make it fail spuriously. Avoid
the error by moving deallocation inside the critical section.

Location:
uspace/srv/vfs
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • uspace/srv/vfs/vfs_file.c

    r38d150e r40feeac  
    257257}
    258258
     259static int _vfs_fd_free_locked(vfs_client_data_t *vfs_data, int fd)
     260{
     261        if ((fd < 0) || (fd >= MAX_OPEN_FILES) || !vfs_data->files[fd]) {
     262                return EBADF;
     263        }
     264
     265        int rc = vfs_file_delref(vfs_data, vfs_data->files[fd]);
     266        vfs_data->files[fd] = NULL;
     267        return rc;
     268}
     269
    259270static int _vfs_fd_free(vfs_client_data_t *vfs_data, int fd)
    260271{
     
    265276
    266277        fibril_mutex_lock(&vfs_data->lock);     
    267         if ((fd < 0) || (fd >= MAX_OPEN_FILES) || !vfs_data->files[fd]) {
    268                 fibril_mutex_unlock(&vfs_data->lock);
    269                 return EBADF;
    270         }
    271        
    272         rc = vfs_file_delref(vfs_data, vfs_data->files[fd]);
    273         vfs_data->files[fd] = NULL;
     278        rc = _vfs_fd_free_locked(vfs_data, fd);
    274279        fibril_mutex_unlock(&vfs_data->lock);
    275280       
     
    308313                return EBADF;
    309314        }
    310         if (FILES[fd] != NULL) {
    311                 fibril_mutex_unlock(&VFS_DATA->lock);
    312                 return EEXIST;
    313         }
     315
     316        /* Make sure fd is closed. */
     317        (void) _vfs_fd_free_locked(VFS_DATA, fd);
     318        assert(FILES[fd] == NULL);
    314319       
    315320        FILES[fd] = file;
  • uspace/srv/vfs/vfs_ops.c

    r38d150e r40feeac  
    102102
    103103        if (newfd != -1) {
    104                 /* Make sure newfd is closed. */
    105                 (void) vfs_fd_free(newfd);
    106104                /* Assign the old file to newfd. */
    107105                rc = vfs_fd_assign(oldfile, newfd);
Note: See TracChangeset for help on using the changeset viewer.