From: mkmm@gmx-topmail.de <mkmm@gmx-topmail.de>
Date: Tue, 5 Oct 2010 11:00:06 +0000 (+0200)
Subject: add missing argument check in ulockmgr.c
X-Git-Tag: fuse_2_9_0~103
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=ec4a01f94389ce01d667641c77cd34608c72c6f3;p=qemu-gpiodev%2Flibfuse.git

add missing argument check in ulockmgr.c

Add missing argument check in ulockmgr.c to prevent calling
ulockmgr_server with illegal arguments. This would cause an ever growing
list of ulockmgr_server processes with an endless list of open files which
finally exceeds the open file handle limit.

It appears samba is sometimes calling flock with illegal / weired values.
---

diff --git a/ChangeLog b/ChangeLog
index 075a570..d0bed8d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2010-10-05  Miklos Szeredi <miklos@szeredi.hu>
+
+	* Add missing argument check in ulockmgr.c to prevent calling
+	ulockmgr_server with illegal arguments. This would cause an ever
+	growing list of ulockmgr_server processes with an endless list of
+	open files which finally exceeds the open file handle limit.
+	Patch by Markus Ammer
+
 2010-09-28  Miklos Szeredi <miklos@szeredi.hu>
 
 	* Fix option escaping for fusermount.  If the "fsname=" option
diff --git a/lib/ulockmgr.c b/lib/ulockmgr.c
index 6703cd0..b875c50 100644
--- a/lib/ulockmgr.c
+++ b/lib/ulockmgr.c
@@ -400,6 +400,10 @@ int ulockmgr_op(int fd, int cmd, struct flock *lock, const void *owner,
 	if (cmd != F_GETLK && cmd != F_SETLK && cmd != F_SETLKW)
 		return -EINVAL;
 
+	if (lock->l_type != F_RDLCK && lock->l_type != F_WRLCK &&
+	    lock->l_type != F_UNLCK)
+		return -EINVAL;
+
 	if (lock->l_whence != SEEK_SET && lock->l_whence != SEEK_CUR &&
 	    lock->l_whence != SEEK_END)
 		return -EINVAL;