shithub: gefs

Info  •  Files  •  Log  •  Branches

fs: keep userlk locked until we are done with the User
Otherwise, if the users are reloaded at the wrong time we will end
up with a use-after-free.

Also, add missing lock of userlk in readauth.

--- a/fs.c

+++ b/fs.c

@@ -738,6 +738,7 @@

 	Key dk;

 	Fid f;

 	Tree *t;

+	int uid;

 	if((mnt = mallocz(sizeof(Mount), 1)) == nil){

 		rerror(m, Enomem);

@@ -756,6 +757,7 @@

 		runlock(&fs->userlk);

 		return;

 	}

+	uid = u->id;

 	runlock(&fs->userlk);

 	if((t = openlabel(m->aname)) == nil){

@@ -803,8 +805,8 @@

 	f.mode = -1;

 	f.iounit = m->conn->iounit;

 	f.dent = de;

-	f.uid = u->id;

-	f.duid = u->id;

+	f.uid = uid;

+	f.duid = uid;

 	f.dgid = d.gid;

 	f.dmode = d.mode;

 	if(dupfid(m->conn, m->fid, &f) == nil){

@@ -1492,11 +1494,15 @@

 	case ARdone:

 		if((ai = auth_getinfo(rpc)) == nil)

 			goto Phase;

+		rlock(&fs->userlk);

 		u = name2user(ai->cuid);

 		auth_freeAI(ai);

-		if(u == nil)

+		if(u == nil){

+			runlock(&fs->userlk);

 			return Enouser;

+		}

 		f->uid = u->id;

+		runlock(&fs->userlk);

 		return nil;

 	case ARok:

 		if(m->count < rpc->narg)