Under some failure cases, we can get to fatal_error()
without even having a superblock set up. In that case,
ext2fs_mmp_stop() will segfault when it tries to dereference
fs->super.
Check for the existence of a superblock before we go
down the ext2fs_mmp_stop() path to avoid this problem.
Reported-by: Hubert Kario <[email protected]>
Addresses-Red-Hat-Bugzilla: #997972
Signed-off-by: Eric Sandeen <[email protected]>
---
diff --git a/e2fsck/util.c b/e2fsck/util.c
index 9eaf557..18005f4 100644
--- a/e2fsck/util.c
+++ b/e2fsck/util.c
@@ -55,7 +55,7 @@ void fatal_error(e2fsck_t ctx, const char *msg)
fprintf (stderr, "e2fsck: %s\n", msg);
if (!fs)
goto out;
- if (fs->io) {
+ if (fs->io && fs->super) {
ext2fs_mmp_stop(ctx->fs);
if (ctx->fs->io->magic == EXT2_ET_MAGIC_IO_CHANNEL)
io_channel_flush(ctx->fs->io);
On Fri, Aug 16, 2013 at 12:05:55PM -0500, Eric Sandeen wrote:
> Under some failure cases, we can get to fatal_error()
> without even having a superblock set up. In that case,
> ext2fs_mmp_stop() will segfault when it tries to dereference
> fs->super.
>
> Check for the existence of a superblock before we go
> down the ext2fs_mmp_stop() path to avoid this problem.
>
> Reported-by: Hubert Kario <[email protected]>
> Addresses-Red-Hat-Bugzilla: #997972
> Signed-off-by: Eric Sandeen <[email protected]>
Thanks, applied.
- Ted