diff options
| author | Dave Reisner | 2012-03-04 22:08:39 +0100 |
|---|---|---|
| committer | Karel Zak | 2012-03-08 16:06:02 +0100 |
| commit | bf91904c24c470a750a7efa8ceaed3f9e9996b6c (patch) | |
| tree | 13a36683bc1dcfcafd8b520ccd8c69c127603d8f /libmount/src/tab.c | |
| parent | lsblk: escape unsafe chars in parsable output (diff) | |
| download | kernel-qcow2-util-linux-bf91904c24c470a750a7efa8ceaed3f9e9996b6c.tar.gz kernel-qcow2-util-linux-bf91904c24c470a750a7efa8ceaed3f9e9996b6c.tar.xz kernel-qcow2-util-linux-bf91904c24c470a750a7efa8ceaed3f9e9996b6c.zip | |
libmount: avoid infinite loop in child fs iteration
In early userspace, the rootfs is mounted with itself as its parent.
Example /proc/self/mountinfo:
1 1 0:1 / / rw - rootfs rootfs rw
14 1 0:3 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
15 1 0:13 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sys rw
16 1 0:5 / /dev rw,nosuid,relatime - devtmpfs dev rw,size=506956k
17 1 0:14 / /run rw,nosuid,nodev,relatime - tmpfs run rw,mode=755
This causes an infinite loop in mnt_table_next_child_fs, and is
evidenced by a crash via infinite recursion in findmnt. Simply catch the
condition where the ID of the parent is the ID of the current fs we're
examining and skip over it to the next mount in the table.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Diffstat (limited to 'libmount/src/tab.c')
| -rw-r--r-- | libmount/src/tab.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libmount/src/tab.c b/libmount/src/tab.c index 9992c9cf1..54d58c880 100644 --- a/libmount/src/tab.c +++ b/libmount/src/tab.c @@ -286,6 +286,11 @@ int mnt_table_next_child_fs(struct libmnt_table *tb, struct libmnt_iter *itr, id = mnt_fs_get_id(fs); + /* avoid infinite loop. This only happens in rare cases + * such as in early userspace when the rootfs is its own parent */ + if (id == parent_id) + continue; + if ((!lastchld_id || id > lastchld_id) && (!*chld || id < chld_id)) { *chld = fs; |