>Number:         1720
>Category:       port-amiga
>Synopsis:       Mount of an ados filesystem may crash due to uninitialized data
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Nov  3 03:50:01 1995
>Last-Modified:
>Originator:     Michael L. Hitch
>Organization:
	Information Technology Center
	Montana State University
>Release:        October 27, 1995
>Environment:
	
System: NetBSD amiga2.oscs.montana.edu 1.1_ALPHA NetBSD 1.1_ALPHA (ZEUS) #951027-0: Fri Oct 27 21:08:32 MDT 1995 root@amiga2.oscs.montana.edu:/opt/tmp/src/sys/arch/amiga/compile/ZEUS amiga


>Description:
	The export fields in the adosfs mount structure are not getting
	initialized, and can cause system crashes when an ados filesystem
	is mounted.  Mountd will do a "delete export" on each mounted
	filesystem.  Depending upon what kind of garbage was present in
	the adosfs mount structure, vfs_export() may try to do things
	it shouldn't, and can result in a system crash.
>How-To-Repeat:
	Mount an ados filesystem while mountd is running.
>Fix:
	Apply the following patch to clear the adosfs mount structure:

diff -cr /usr/src/sys/adosfs/advfsops.c sys/adosfs/advfsops.c
*** /usr/src/sys/adosfs/advfsops.c	Fri Oct 13 19:36:34 1995
--- sys/adosfs/advfsops.c	Sun Oct 22 20:56:39 1995
***************
*** 165,170 ****
--- 165,171 ----
  
  	parp = &dl.d_partitions[part];
  	amp = malloc(sizeof(struct adosfsmount), M_ADOSFSMNT, M_WAITOK);
+ 	bzero((char *)amp, (u_long)sizeof(struct adosfsmount));
  	amp->mp = mp;
  	amp->startb = parp->p_offset;
  	amp->endb = parp->p_offset + parp->p_size;
>Audit-Trail:
>Unformatted: