add missing argument check in ulockmgr.c

Add missing argument check in ulockmgr.c to prevent calling
ulockmgr_server with illegal arguments. This would cause an ever growing
list of ulockmgr_server processes with an endless list of open files which
finally exceeds the open file handle limit.

It appears samba is sometimes calling flock with illegal / weired values.

diff --git a/ChangeLog b/ChangeLog
index 075a57041cef313a99be100f1cf18a759b7d4b8f..d0bed8d55345512eed7f693bc59c8eca47f89a96 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2010-10-05  Miklos Szeredi <miklos@szeredi.hu>
+
+       * Add missing argument check in ulockmgr.c to prevent calling
+       ulockmgr_server with illegal arguments. This would cause an ever
+       growing list of ulockmgr_server processes with an endless list of
+       open files which finally exceeds the open file handle limit.
+       Patch by Markus Ammer
+
 2010-09-28  Miklos Szeredi <miklos@szeredi.hu>
 
        * Fix option escaping for fusermount.  If the "fsname=" option

diff --git a/lib/ulockmgr.c b/lib/ulockmgr.c
index 6703cd03539f7784b89eb1cd2533a3141d2adf4c..b875c5077f78eff5a5c8977414ed8b6e95676891 100644 (file)
--- a/lib/ulockmgr.c
+++ b/lib/ulockmgr.c
@@ -400,6 +400,10 @@ int ulockmgr_op(int fd, int cmd, struct flock *lock, const void *owner,
        if (cmd != F_GETLK && cmd != F_SETLK && cmd != F_SETLKW)
                return -EINVAL;
 
+       if (lock->l_type != F_RDLCK && lock->l_type != F_WRLCK &&
+           lock->l_type != F_UNLCK)
+               return -EINVAL;
+
        if (lock->l_whence != SEEK_SET && lock->l_whence != SEEK_CUR &&
            lock->l_whence != SEEK_END)
                return -EINVAL;