Who broke NFS?

Tue Dec 5 06:11:39 PST 2006

Emiel Kollof wrote:
A fix for this problem was found, thanks to TGEN and corecode. The case was 
that nch was NULL and dereferenced by that if over there. nch gets dropped 
before, so thatÅ› how that NULL deref was possible. Here's a patch that solves 
the problem for me:

--- nfs_subs.c  2006-10-27 06:56:34.000000000 +0200
+++ nfs_subs.c.fixed    2006-12-05 14:31:51.000000000 +0100
@@ -1604,8 +1604,8 @@
         */
        if (error == 0) {
                if (dvpp) {
+                       nch = nd->nl_nch;
                        if (nch.ncp->nc_parent) {
-                               nch = nd->nl_nch;
                                nch.ncp = nch.ncp->nc_parent;
                                error = cache_vget(&nch, nd->nl_cred,
                                                   LK_EXCLUSIVE, dvpp);
If noone objects, I'll commit it this afternoon (in ~ 5 hours).

Cheers,
--
        Thomas E. Spanjaard
        tgen at netphreax.net
Attachment:
signature.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00005.pgp
Type: application/octet-stream
Size: 186 bytes
Desc: "Description: OpenPGP digital signature"
URL: <http://lists.dragonflybsd.org/pipermail/kernel/attachments/20061205/c42749e4/attachment-0020.obj>
