diff options
author | Rostislav <rostislav@users.noreply.github.com> | 2018-07-21 12:57:09 +0300 |
---|---|---|
committer | Nikolaus Rath <Nikolaus@rath.org> | 2018-07-21 10:57:09 +0100 |
commit | 5f125c5e6be24c8d216a4d3c623dc73d742c8c86 (patch) | |
tree | dc98c1f6db3695d6cf46276f0674bff243fd646e /lib | |
parent | 795ad5d77434f3502e63a70c8a3fda94fa347e3d (diff) |
Fix readdir() bug when a non-zero offset is specified in filler (#269)
The bug occurs when a filesystem client reads a directory until the end,
seeks using seekdir() to some valid non-zero position and calls
readdir(). A valid 'struct dirent *' is expected, but NULL is returned
instead. Pseudocode demonstrating the bug:
DIR *dp = opendir("some_dir");
struct dirent *de = readdir(dp);
/* Get offset of the second entry */
long offset = telldir(dp);
/* Read directory until the end */
while (de)
de = readdir(de);
seekdir(dp, offset);
de = readdir(dp);
/* de must contain the second entry, but NULL is returned instead */
The reason of the bug is that when the end of directory is reached, the
kernel calls FUSE_READDIR op with an offset at the end of directory, so
the filesystem's .readdir callback never calls the filler function, and
we end up with dh->filled set to 1. After seekdir(), FUSE_READDIR is
called again with a new offset, but this time the filesystem's .readdir
callback is never called, and an empty reply is returned.
Fix by setting dh->filled to 1 only when zero offsets are given to
filler function.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/fuse.c | 26 |
1 files changed, 15 insertions, 11 deletions
@@ -3455,6 +3455,11 @@ static int fill_dir(void *dh_, const char *name, const struct stat *statp, if (off) { size_t newlen; + if (dh->filled) { + dh->error = -EIO; + return 1; + } + if (dh->first) { dh->error = -EIO; return 1; @@ -3463,7 +3468,6 @@ static int fill_dir(void *dh_, const char *name, const struct stat *statp, if (extend_contents(dh, dh->needlen) == -1) return 1; - dh->filled = 0; newlen = dh->len + fuse_add_direntry(dh->req, dh->contents + dh->len, dh->needlen - dh->len, name, @@ -3473,10 +3477,8 @@ static int fill_dir(void *dh_, const char *name, const struct stat *statp, dh->len = newlen; } else { - if (!dh->filled) { - dh->error = -EIO; - return 1; - } + dh->filled = 1; + if (fuse_add_direntry_to_dh(dh, name, &stbuf) == -1) return 1; } @@ -3526,6 +3528,11 @@ static int fill_dir_plus(void *dh_, const char *name, const struct stat *statp, if (off) { size_t newlen; + if (dh->filled) { + dh->error = -EIO; + return 1; + } + if (dh->first) { dh->error = -EIO; return 1; @@ -3533,7 +3540,6 @@ static int fill_dir_plus(void *dh_, const char *name, const struct stat *statp, if (extend_contents(dh, dh->needlen) == -1) return 1; - dh->filled = 0; newlen = dh->len + fuse_add_direntry_plus(dh->req, dh->contents + dh->len, dh->needlen - dh->len, name, @@ -3542,10 +3548,8 @@ static int fill_dir_plus(void *dh_, const char *name, const struct stat *statp, return 1; dh->len = newlen; } else { - if (!dh->filled) { - dh->error = -EIO; - return 1; - } + dh->filled = 1; + if (fuse_add_direntry_to_dh(dh, name, &e.attr) == -1) return 1; } @@ -3588,7 +3592,7 @@ static int readdir_fill(struct fuse *f, fuse_req_t req, fuse_ino_t ino, dh->len = 0; dh->error = 0; dh->needlen = size; - dh->filled = 1; + dh->filled = 0; dh->req = req; fuse_prepare_interrupt(f, req, &d); err = fuse_fs_readdir(f->fs, path, dh, filler, off, fi, flags); |