From: Joe Gorse Date: Thu, 6 Jul 2017 19:47:24 +0000 (-0400) Subject: LINUX: afs_create infinite fetchStatus loop X-Git-Tag: upstream/1.8.0_pre2^3~14 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=32ddf88547f921b33dd93473883928051faab950;p=packages%2Fo%2Fopenafs.git LINUX: afs_create infinite fetchStatus loop For a file in a directory with the CStatd bit cleared, we can get an infinite fetchStatus loop. In afs_create(), afs_getDCache() may return NULL due to an error. If unchecked it will loop which may produce multiple fetchStatus() calls to the fileserver. Credit: Yadav Yadavendra for identifying and analysing this issue. Change-Id: Iecd77d49a5f3e8bb629396c57246736b39aa935f Reviewed-on: https://gerrit.openafs.org/12651 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk --- diff --git a/src/afs/VNOPS/afs_vnop_create.c b/src/afs/VNOPS/afs_vnop_create.c index 30eaa7b1e..fe37eed36 100644 --- a/src/afs/VNOPS/afs_vnop_create.c +++ b/src/afs/VNOPS/afs_vnop_create.c @@ -131,6 +131,15 @@ afs_create(OSI_VC_DECL(adp), char *aname, struct vattr *attrs, } tdc = afs_GetDCache(adp, (afs_size_t) 0, treq, &offset, &len, 1); + + /** Prevent multiple fetchStatus calls to fileserver when afs_GetDCache() + * returns NULL for an error condition + */ + if (!tdc) { + code = EIO; + goto done; + } + ObtainWriteLock(&adp->lock, 135); if (tdc) ObtainSharedLock(&tdc->lock, 630);
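Review bot: The new `if (!tdc)` early exit in afs_create() leaves the existing `if (tdc)` guard on `ObtainSharedLock(&tdc->lock, 630);` two lines further down always true, so that guard is now dead and should be removed or left with a comment explaining why it stays. The `goto done` is taken before `ObtainWriteLock(&adp->lock, 135);`, so please confirm that the `done` path does not release `adp->lock` or touch `tdc`, neither of which is held at this point. `code = EIO` also replaces whatever reason afs_GetDCache() had for failing with a fixed value; if the underlying error is available to this function, returning it would help callers and anyone debugging. The added comment opens with `/**` and states that the check prevents repeated fetchStatus calls, but not why a NULL `tdc` causes them; one sentence on that would help the next reader.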