[Ocfs2-tools-devel] [PATCH] mkfs.ocfs2: fix a potential segment fault in main()

Thu Sep 22 05:52:31 PDT 2016

's->global_bm' may be NULL in free_state() as 's->global_bm' will be
initialized later by initialize_bitmap(). So we need judge 'global_bm'
before access its members. The same problem happens for 'system_group'.

'State *s' need to be free in free_state() in case of memory leak.

Fixes: cec294ef135c ("mkfs.ocfs2: fix memory leak problems in main()")

Signed-off-by: Jun Piao <piaojun at huawei.com>
---
 mkfs.ocfs2/mkfs.c | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/mkfs.ocfs2/mkfs.c b/mkfs.ocfs2/mkfs.c
index 8532e12..0997d5b 100644
--- a/mkfs.ocfs2/mkfs.c
+++ b/mkfs.ocfs2/mkfs.c
@@ -1251,13 +1251,16 @@ free_state(State *s)
 	ocfs2_free(&s->cluster_stack);
 	ocfs2_free(&s->cluster_name);
 
-	for (i = 0; i < s->nr_cluster_groups; i++)
-		free_alloc_group(s->global_bm->groups[i]);
-	ocfs2_free(&s->global_bm->groups);
-	ocfs2_free(&s->global_bm->name);
-	ocfs2_free(&s->global_bm);
+	if (s->global_bm) {
+		for (i = 0; i < s->nr_cluster_groups; i++)
+			free_alloc_group(s->global_bm->groups[i]);
+		ocfs2_free(&s->global_bm->groups);
+		ocfs2_free(&s->global_bm->name);
+		ocfs2_free(&s->global_bm);
+	}
 
 	free_alloc_group(s->system_group);
+	ocfs2_free(&s);
 }
 
 static int
@@ -1877,9 +1880,11 @@ initialize_alloc_group(State *s, const char *name,
 static void
 free_alloc_group(AllocGroup *group)
 {
-	ocfs2_free(&group->name);
-	ocfs2_free(&group->gd);
-	ocfs2_free(&group);
+	if (group) {
+		ocfs2_free(&group->name);
+		ocfs2_free(&group->gd);
+		ocfs2_free(&group);
+	}
 }
 
 static AllocBitmap *
-- 
1.8.4.3


