From 1708966d77fff5eb421a583a2a1f2e5c3dd37b1c Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 23 Feb 2017 11:05:00 -0500 Subject: [PATCH] Backport libmount unref patch --- libmount-unref.patch | 43 +++++++++++++++++++++++++++++++++++++++++++ ostree.spec | 7 ++++++- 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 libmount-unref.patch diff --git a/libmount-unref.patch b/libmount-unref.patch new file mode 100644 index 0000000..a57fed5 --- /dev/null +++ b/libmount-unref.patch @@ -0,0 +1,43 @@ +From 4c3ef23b59c870281a75424c74ec0b6b5a4ae5e8 Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Thu, 23 Feb 2017 09:40:17 -0500 +Subject: [PATCH] deploy: Correctly use libmount unref() calls rather than + free() + +We saw a random ostree SEGV start popping up in our CI environment: +https://github.com/projectatomic/rpm-ostree/pull/641#issuecomment-281870424 + +Looking at this code more and comparing it to what util-linux does, I noticed we +had a write-after-free, since `mnt_unref_table()` will invoke +`mnt_unref_cache()` on its cache, and that function does: + +``` + if (cache) { + cache->rfcount--; +``` + +unconditionally. + +Fix this by using `unref()`. +--- + src/libostree/ostree-sysroot-deploy.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c +index cb5a461..5a3f6d8 100644 +--- a/src/libostree/ostree-sysroot-deploy.c ++++ b/src/libostree/ostree-sysroot-deploy.c +@@ -1692,8 +1692,8 @@ is_ro_mount (const char *path) + + fs = mnt_table_find_target(tb, path, MNT_ITER_BACKWARD); + is_mount = fs && mnt_fs_get_target (fs); +- mnt_free_cache (cache); +- mnt_free_table (tb); ++ mnt_unref_cache (cache); ++ mnt_unref_table (tb); + + if (!is_mount) + return FALSE; +-- +2.9.3 + diff --git a/ostree.spec b/ostree.spec index d71e586..0186cb6 100644 --- a/ostree.spec +++ b/ostree.spec @@ -1,13 +1,15 @@ Summary: Tool for managing bootable, immutable filesystem trees Name: ostree Version: 2017.2 -Release: 2%{?dist} +Release: 3%{?dist} #VCS: git:git://git.gnome.org/ostree Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libostree-%{version}.tar.xz Source1: 91-ostree.preset License: LGPLv2+ URL: https://ostree.readthedocs.io/en/latest/ +Patch0: libmount-unref.patch + BuildRequires: git # We always run autogen.sh BuildRequires: autoconf automake libtool @@ -137,6 +139,9 @@ install -D -m 0644 %{SOURCE1} %{buildroot}%{_prefix}/lib/systemd/system-preset/9 %endif %changelog +* Thu Feb 23 2017 Colin Walters - 2017.2-3 +- Backport libmount unref patch + * Tue Feb 14 2017 Colin Walters - 2017.2-2 - New upstream version