From: Eric Andersen <andersen@codepoet.org>
Date: Mon, 26 Jul 2004 12:05:12 +0000 (-0000)
Subject: YAEGASHI Takeshi writes:
X-Git-Tag: 1_00_rc2~6
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=882cec3e40af63d1866cab7b1ce322d70f94c7df;p=oweals%2Fbusybox.git

YAEGASHI Takeshi writes:

Hi,

With the following /etc/fstab (any two or more lines of nfs), mount -a
-t nfs causes a segmentation faults.

server:/exports/aaa /mnt/aaa nfs defaults 0 0
server:/exprots/bbb /mnt/bbb nfs defaults 0 0

In util-linux/nfsmount.c, it overwrites malloc'ed pointer *mount_opts
with a static pointer.  With this patch it does proper memory realloc
and data copy instead.
---

diff --git a/util-linux/nfsmount.c b/util-linux/nfsmount.c
index 34f23f5aa..0ebab80f6 100644
--- a/util-linux/nfsmount.c
+++ b/util-linux/nfsmount.c
@@ -315,7 +315,7 @@ int nfsmount(const char *spec, const char *node, int *flags,
 	char new_opts[1024];
 	struct timeval total_timeout;
 	enum clnt_stat clnt_stat;
-	static struct nfs_mount_data data;
+	struct nfs_mount_data data;
 	char *opt, *opteq;
 	int val;
 	struct hostent *hp;
@@ -602,10 +602,9 @@ int nfsmount(const char *spec, const char *node, int *flags,
 #endif
 
 	data.version = nfs_mount_version;
-	*mount_opts = (char *) &data;
 
 	if (*flags & MS_REMOUNT)
-		return 0;
+		goto copy_data_and_return;
 
 	/*
 	 * If the previous mount operation on the same host was
@@ -857,6 +856,9 @@ int nfsmount(const char *spec, const char *node, int *flags,
 	auth_destroy(mclient->cl_auth);
 	clnt_destroy(mclient);
 	close(msock);
+copy_data_and_return:
+	*mount_opts = xrealloc(*mount_opts, sizeof(data));
+	memcpy(*mount_opts, &data, sizeof(data));
 	return 0;
 
 	/* abort */