Subject: Uninitialised variable in ffs_mount()?
To: None <tech-kern@netbsd.org>
From: Simon Burge <simonb@netbsd.org>
List: tech-kern
Date: 12/14/1999 12:47:55
Folks,
In ufs/ffs/ffs_vfsops.c:ffs_mount(), "fs" is only initialised in the
block starting:

	if (mp->mnt_flag & MNT_UPDATE) {

but is referenced in a block starting:

	if ((mp->mnt_flag & MNT_UPDATE) == 0) {

at line 239 in version 1.56. This looks like it could panic with a
null pointer reference if a softdep enabled filesystem is mounted
asynchronously. It looks like it's as simple as moving

	ump = VFSTOUFS(mp);
	fs = ump->um_fs;

to before line 295 (or better is deleting those two altogether and
moving the similar lines at line 189 before the first "if") but I don't
want to mess with areas I don't know about... Anyone want to look into
this (or tell me if my analysis is flawed)?
Simon.
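Added illustration, not part of the message above and not NetBSD code: a constructed model of the control-flow pattern Simon describes, with the pointer assigned only inside the MNT_UPDATE block and read inside the complementary block, beside the hoisted ordering he proposes. MNT_UPDATE, VFSTOUFS() and um_fs are the names from the message; MNT_ASYNC and FS_DOSOFTDEP are assumed stand-ins for "mounted asynchronously" and "softdep enabled", and the mock attaches mnt_data on both paths so the hoisted variant has something to read. The reported variant pre-sets fs to NULL as instrumentation so the bad read is returned as a sentinel rather than being undefined behaviour.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins (assumed names, not the real kernel headers). */
#define MNT_UPDATE	0x0001
#define MNT_ASYNC	0x0002	/* assumed: "mounted asynchronously" */
#define FS_DOSOFTDEP	0x0004	/* assumed: "softdep enabled" */

struct fs       { int fs_flags; };
struct ufsmount { struct fs *um_fs; };
struct mount    { int mnt_flag; struct ufsmount *mnt_data; };

#define VFSTOUFS(mp)	((mp)->mnt_data)

/* Sentinel for "the kernel would have dereferenced an unassigned pointer". */
#define UNINIT_READ	(-1)

/*
 * Ordering as reported: fs is assigned only under MNT_UPDATE but read under
 * !MNT_UPDATE.  The "= NULL" is instrumentation so the bad read is detected
 * here; the real code leaves fs uninitialised on that path.
 */
static int
ffs_mount_as_reported(struct mount *mp)
{
	struct ufsmount *ump;
	struct fs *fs = NULL;

	if (mp->mnt_flag & MNT_UPDATE) {
		ump = VFSTOUFS(mp);
		fs = ump->um_fs;
		/* update-path work that legitimately uses fs */
	}
	if ((mp->mnt_flag & MNT_UPDATE) == 0) {
		if (fs == NULL)
			return UNINIT_READ;	/* kernel: NULL/garbage deref */
		if ((fs->fs_flags & FS_DOSOFTDEP) && (mp->mnt_flag & MNT_ASYNC))
			return EINVAL;	/* softdep and async do not mix */
	}
	return 0;
}

/*
 * Remedy as proposed: hoist the two assignments above the first "if" so both
 * blocks see an initialised fs.  The mock assumes mnt_data is attached on
 * both paths; whether that holds at that point in the real function is
 * exactly the question the message raises.
 */
static int
ffs_mount_hoisted(struct mount *mp)
{
	struct ufsmount *ump = VFSTOUFS(mp);
	struct fs *fs = ump->um_fs;

	if (mp->mnt_flag & MNT_UPDATE) {
		/* update-path work that uses fs */
	}
	if ((mp->mnt_flag & MNT_UPDATE) == 0) {
		if ((fs->fs_flags & FS_DOSOFTDEP) && (mp->mnt_flag & MNT_ASYNC))
			return EINVAL;
	}
	return 0;
}

/* Build a constructed mount with the given flags and run one variant. */
static int
run_scenario(int (*mountfn)(struct mount *), int mnt_flag, int fs_flags)
{
	struct fs fs = { fs_flags };
	struct ufsmount ump = { &fs };
	struct mount mp = { mnt_flag, &ump };

	return mountfn(&mp);
}

int
main(void)
{
	printf("reported, softdep+async fresh mount: %d (UNINIT_READ is %d)\n",
	    run_scenario(ffs_mount_as_reported, MNT_ASYNC, FS_DOSOFTDEP),
	    UNINIT_READ);
	printf("hoisted,  softdep+async fresh mount: %d (EINVAL is %d)\n",
	    run_scenario(ffs_mount_hoisted, MNT_ASYNC, FS_DOSOFTDEP), EINVAL);
	return 0;
}
```

The update path (MNT_UPDATE set) behaves the same in both variants; only the fresh-mount path differs, which is why the defect is easy to miss in testing that mostly exercises remounts. Because the two conditions are complementary, a compiler's uninitialised-use warning may or may not fire on the original ordering, so the pattern is worth checking by inspection whenever a variable is assigned in one branch of a flag test and used in the other.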