bugfix: fix possible segfault during umount -a

mnt_context_get_mtab() doesn't set its return **tb argument on error, and so in mnt_context_next_umount() mtab will remain uninitialized on error, later resulting in cxt->mtab containing garbage, possibly resulting in segfault on exit.
author: Richard Fuchs 2018-04-17 15:40:20 +0200
committer: Richard Fuchs 2018-04-17 15:52:37 +0200
commit: f958101d2ea55174f8cd584efe41d4cefa9578c6 (patch)
tree: 7eaf4c600d811cac4086faa2e6bfef7dedba938a /libmount/src/context_umount.c
parent: choom: fix build, remove unnecessary include (diff)
download: kernel-qcow2-util-linux-f958101d2ea55174f8cd584efe41d4cefa9578c6.tar.gz
kernel-qcow2-util-linux-f958101d2ea55174f8cd584efe41d4cefa9578c6.tar.xz
kernel-qcow2-util-linux-f958101d2ea55174f8cd584efe41d4cefa9578c6.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/libmount/src/context_umount.c b/libmount/src/context_umount.c
index 45651b58e..240ec3be6 100644
--- a/libmount/src/context_umount.c
+++ b/libmount/src/context_umount.c
@@ -1003,11 +1003,12 @@ int mnt_context_next_umount(struct libmnt_context *cxt,
 	rc = mnt_context_get_mtab(cxt, &mtab);
 	cxt->mtab = NULL;		/* do not reset mtab */
 	mnt_reset_context(cxt);
-	cxt->mtab = mtab;
 
 	if (rc)
 		return rc;
 
+	cxt->mtab = mtab;
+
 	do {
 		rc = mnt_table_next_fs(mtab, itr, fs);
 		if (rc != 0)
author	Richard Fuchs	2018-04-17 15:40:20 +0200
committer	Richard Fuchs	2018-04-17 15:52:37 +0200
commit	f958101d2ea55174f8cd584efe41d4cefa9578c6 (patch)
tree	7eaf4c600d811cac4086faa2e6bfef7dedba938a /libmount/src/context_umount.c
parent	choom: fix build, remove unnecessary include (diff)
download	kernel-qcow2-util-linux-f958101d2ea55174f8cd584efe41d4cefa9578c6.tar.gz kernel-qcow2-util-linux-f958101d2ea55174f8cd584efe41d4cefa9578c6.tar.xz kernel-qcow2-util-linux-f958101d2ea55174f8cd584efe41d4cefa9578c6.zip