#1284 closed defect (fixed)

[NFS] Memory corruption in NFS if server connectivity is lost

Reported by: strauman Owned by: Joel Sherrill
Priority: normal Milestone: 4.9
Component: fs Version: 4.8
Severity: normal Keywords:
Cc: norume@… Blocked By:


Under certain circumstances

  • NFS server had been alive in the past
  • connectivity is lost
  • client tries to look up a path
  • client determines that node attributes need to be updated
  • updating node attributes fails (because of missing connectivity)

=> NFS client erroneously returns OK status to 'evalpath'.

If this happens, memory corruption is the consequence.

We have seen crashes and/or warnings from 'free()' about
a 'bad pointer' being free()ed.

NOTE: the attached patch has been committed on the CVS HEAD already, AFAIK

(in cpukit/libfs/src/nfsclient)

Attachments (1)

nfs.c.diff (784 bytes) - added by strauman on Apr 25, 2008 at 9:34:53 PM.
fix for the described problem

Download all attachments as: .zip

Change History (3)

Changed on Apr 25, 2008 at 9:34:53 PM by strauman

Attachment: nfs.c.diff added

fix for the described problem

comment:1 Changed on Apr 25, 2008 at 11:05:02 PM by strauman

Resolution: fixed
Status: newclosed

comment:2 Changed on Nov 10, 2009 at 1:38:29 PM by strauman

fixed on all relevant branches

Note: See TracTickets for help on using tickets.