ubik: Avoid unlinking garbage
authorSimon Wilkinson <sxw@your-file-system.com>
Wed, 27 Feb 2013 10:34:59 +0000 (10:34 +0000)
committerJeffrey Altman <jaltman@your-file-system.com>
Wed, 27 Feb 2013 20:45:18 +0000 (12:45 -0800)
If SDISK_SendFail fails before the pathname to the temporary file
has been constructed, then the failure handler will unlink stack
garbage, with variable results.

Initialise the string, and check to see if it has contents before
calling unlink

Change-Id: I1de898d5f0f0dc608e9c9c62dc66e6b4b9fdc5bf
Reviewed-on: http://gerrit.openafs.org/9299
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

src/ubik/remote.c

index 44917e2..37d9384 100644 (file)
@@ -455,6 +455,7 @@ SDISK_SendFile(struct rx_call *rxcall, afs_int32 file,
     /* send the file back to the requester */
 
     dbase = ubik_dbase;
+    pbuffer[0] = '\0';
 
     if ((code = ubik_CheckAuth(rxcall))) {
        DBHOLD(dbase);
@@ -576,7 +577,9 @@ failed_locked:
 
 failed:
     if (code) {
-       unlink(pbuffer);
+       if (pbuffer[0] != '\0')
+           unlink(pbuffer);
+
        /* Failed to sync. Allow reads again for now. */
        if (dbase != NULL) {
            UBIK_VERSION_LOCK;