freebsd-dev/sys
Bruce Evans c2819440b3
Fix races in msdosfs_lookup() and msdosfs_readdir().  These functions
can easily block in bread(), and then there was nothing to prevent the
static buffer (nambuf_{ptr,len,last_id}) being clobbered by another
thread.

The effects of the bug seem to have been limited to failed lookups and
mangled names in readdir(), since Giant locking provides enough
serialization to prevent concurrent calls to the functions that access
the buffer.  They were very obvious for multiple concurrent tree walks,
especially with a small cluster size.

The bug was introduced in msdosfs_conv.c 1.34 and associated changes,
and is in all releases starting with 5.2.

The fix is to allocate the buffer as a local variable and pass around
pointers to it like "_r" functions in libc do.  Stack use from this
is large but not too large.  This also fixes a memory leak on module
unload.

Reviewed by:	kib
Approved by:	re (kensmith)
2007-08-31 22:29:55 +00:00
amd64 Regenerate. 2007-08-28 12:36:23 +00:00
arm Just wbinv if both PREREAD and PREWRITE are set. 2007-08-18 16:47:28 +00:00
boot Don't pass RB_BOOTINFO to the kernel. There's no bootinfo actually 2007-08-17 18:22:31 +00:00
bsm Merge OpenBSM 1.0 alpha 15 changes to src/sys/bsm: 2007-07-22 12:28:13 +00:00
cam Do not forget to cam_periph_unhold the peripheral before exiting 2007-07-21 18:07:45 +00:00
cddl Some ZFS threads need stack larger than the default 8kB, so use 16kB of 2007-08-16 20:33:20 +00:00
compat Rework the routines to convert a 5.x+ statfs structure (with fixed-size 2007-08-28 20:28:12 +00:00
conf Add a driver for the on-die digital thermal sensor found on Intel Core 2007-08-15 19:26:03 +00:00
contrib When checking the sequence number of a TCP header embedded in an 2007-08-23 09:30:58 +00:00
crypto Commit the change from FAST_IPSEC to IPSEC. The FAST_IPSEC 2007-07-03 12:13:45 +00:00
ddb
dev Evaluate _OSC on boot to indicate our OS capabilities to ACPI. This is 2007-08-30 21:18:42 +00:00
fs Fix races in msdosfs_lookup() and msdosfs_readdir(). These functions 2007-08-31 22:29:55 +00:00
gdb
geom Have gpart synthesize a disk geometry if the underlying provider 2007-06-17 22:19:19 +00:00
gnu Some time ago, vfs_getopts() was changed, so that it would set error to 2007-08-20 15:33:22 +00:00
i4b I4B header files were repo-copied from sys/i386/include/ to 2007-07-06 07:17:22 +00:00
i386 Regenerate. 2007-08-28 12:36:23 +00:00
ia64 Clear pending interrupts before we enable external interrupts. 2007-08-06 05:15:57 +00:00
isa It seems that some i386 motherboards either do not implement the 2007-07-27 09:34:42 +00:00
kern Close a race that snuck in with the recent changes to fix a LOR between 2007-08-31 19:01:30 +00:00
libkern
modules Makefile for building zyd kernel module. 2007-08-29 21:04:26 +00:00
net Show the ACTIVE flag in ifconfig for the single interface that is actually 2007-08-30 19:12:10 +00:00
net80211 Off-by-one bug in country ie construction, which will make HOSTAP send out 2007-08-26 11:34:51 +00:00
netatalk Mark wire data structures in netatalk as __packed so that they are 2007-06-28 12:54:58 +00:00
netatm Disconnect netatm from the build as it is not MPSAFE and relies on 2007-07-14 21:49:24 +00:00
netgraph Return EADDRNOTAVAIL instead of EDESTADDRREQ error when 2007-08-23 16:55:22 +00:00
netinet Repair ALTQ-tagging rules in IPFW which got broken in the last PF 2007-08-29 19:34:28 +00:00
netinet6 - During shutdown pending, when the last sack came in and 2007-08-27 05:19:48 +00:00
netipsec Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which 2007-08-06 14:26:03 +00:00
netipx Make tcpstates[] static, and make sure TCPSTATES is defined before 2007-07-30 11:06:42 +00:00
netnatm
netncp
netsmb Fixing the mount_smbfs(8) hanging by utilising the destroy_dev_sched() KPI. 2007-07-10 09:23:10 +00:00
nfs
nfs4client
nfsclient Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which 2007-08-06 14:26:03 +00:00
nfsserver Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which 2007-08-06 14:26:03 +00:00
opencrypto Quiet warnings. These do not appear to be actually used uninitialized, 2007-07-05 06:59:14 +00:00
pc98 Mfi386 revision 1.239 of src/sys/i386/isa/clock.c. Seemingly some 2007-07-29 20:16:48 +00:00
pccard
pci Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which 2007-08-06 14:26:03 +00:00
powerpc Revamp the interrupt handling in support of INTR_FILTER. This includes: 2007-08-11 19:25:32 +00:00
rpc Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which 2007-08-06 14:26:03 +00:00
security Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which 2007-08-06 14:26:03 +00:00
sparc64 - Divorce the IOTSBs, which so far were handled via a global list 2007-08-05 11:56:44 +00:00
sun4v Fix warning - add missing #include 2007-07-06 00:41:53 +00:00
sys Rework the routines to convert a 5.x+ statfs structure (with fixed-size 2007-08-28 20:28:12 +00:00
tools
ufs Perform range check before allocating memory when reading 2007-07-13 18:51:08 +00:00
vm Do not drop vm_map lock between doing vm_map_remove() and vm_map_insert(). 2007-08-20 12:05:45 +00:00
Makefile Complete repo-copy and move of Coda from src/sys/coda to src/sys/fs/coda 2007-07-12 21:04:58 +00:00