Date: Tue, 2 Jun 1998 00:30:02 -0700 (PDT)
From: Bruce Evans <bde@zeta.org.au>
To: freebsd-bugs@FreeBSD.ORG
Subject: Re: kern/6820: cd9660_mount NULL pointer deref for no CDROM drive
Message-ID: <199806020730.AAA14761@freefall.freebsd.org>
The following reply was made to PR kern/6820; it has been noted by GNATS.
From: Bruce Evans <bde@zeta.org.au>
To: dufault@hda.com, FreeBSD-gnats-submit@FreeBSD.ORG
Cc:
Subject: Re: kern/6820: cd9660_mount NULL pointer deref for no CDROM drive
Date: Tue, 2 Jun 1998 17:22:57 +1000
>I tried to mount a CD on my crash box. Unfortunately I don't have a
>CDROM drive there. cd9660_mount crashes with a NULL pointer dereference
>of bdevsw[major(devvp->v_rdev)]:
>
>>	if ((mp->mnt_flag & MNT_UPDATE) == 0) {
>>		if (bdevsw[major(devvp->v_rdev)]->d_flags & D_NOCLUSTERR)
>>			mp->mnt_flag |= MNT_NOCLUSTERR;
>>		error = iso_mountfs(devvp, mp, p, &args);
>>	} else {
>
>This may have been added in 1.29 in the CLUSTERRING commit.
ffs has the same bug. The device node exists but not the device.
It doesn't help that mount() would later return ENXIO, since the
devsw is accessed before the device is opened. This bug is often
masked by sloppy initialization using SYSINIT(). The devsw entries
get initialized although no device is present.
Bruce
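
The failure discussed in this message, as an added example that is not part of the original e-mail and is not FreeBSD source: a user-space model of the bdevsw lookup that validates the table slot before reading d_flags. The names model_bdevsw, model_bdevsw_tab and model_mount_flags, the flag values and the table size are assumptions made for the illustration.

```c
/* User-space model of the lookup; constructed for illustration only. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define D_NOCLUSTERR   0x01	/* constructed flag values for the model */
#define MNT_NOCLUSTERR 0x02
#define NBLKDEV        8	/* constructed table size */

struct model_bdevsw { int d_flags; };

/*
 * Constructed table: only major 3 has a driver attached. A device node
 * can still name any other major, and that slot is NULL.
 */
static struct model_bdevsw cd_driver = { D_NOCLUSTERR };
static struct model_bdevsw *model_bdevsw_tab[NBLKDEV] = { [3] = &cd_driver };

/*
 * Checked form of the quoted flag test: validate the slot before reading
 * d_flags and fail with ENXIO (the error the message says mount() would
 * return later) instead of dereferencing NULL.
 */
static int
model_mount_flags(unsigned maj, int *mnt_flag)
{
	struct model_bdevsw *sw;

	if (maj >= NBLKDEV)		/* major outside the table */
		return (ENXIO);
	sw = model_bdevsw_tab[maj];
	if (sw == NULL)			/* node exists, device does not */
		return (ENXIO);
	if (sw->d_flags & D_NOCLUSTERR)
		*mnt_flag |= MNT_NOCLUSTERR;
	return (0);
}

int
main(void)
{
	int flags = 0;

	printf("major 3 -> %d\n", model_mount_flags(3, &flags));
	printf("major 5 -> %d\n", model_mount_flags(5, &flags));
	return (0);
}
```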
