Bug 141932 - mount with MS_BIND flag accesses invalid data
Summary: mount with MS_BIND flag accesses invalid data
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: strace
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Roland McGrath
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-12-06 08:12 UTC by Ulrich Drepper
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version: RHBA-2005-130
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-02-02 04:36:37 UTC


Attachments (Terms of Use)
Patch to add some more flags and support for not using printpath (1.19 KB, patch)
2004-12-06 08:12 UTC, Ulrich Drepper
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2005:130 normal SHIPPED_LIVE strace bug fix update 2005-06-09 04:00:00 UTC
Red Hat Product Errata RHBA-2005:131 normal SHIPPED_LIVE strace bug fix update 2005-05-19 04:00:00 UTC

Description Ulrich Drepper 2004-12-06 08:12:46 UTC
Description of problem:
If the MS_BIND or MS_MOVE or MS_REMOUNT flag is used with mount, the filesystem
parameter is ignored.  The user might pass garbage (or NULL).  The printpath
call currently used to print the value then fails in umovestr.  This should be
avoided.

Version-Release number of selected component (if applicable):
strace-4.5.8-1

How reproducible:
always

Steps to Reproduce:
1.run code using umount with MS_BIND
2.
3.
  
Actual results:
mount("/home/drepper/tmp", "/tmp", umovestr: Input/output error
0, 0x1000, 0) = 0


Expected results:
mount("/home/drepper/tmp", "/tmp", 0, MS_BIND, 0) = 0


Additional info:
The attached patch should do the trick.

Comment 1 Ulrich Drepper 2004-12-06 08:12:46 UTC
Created attachment 107935 [details]
Patch to add some more flags and support for not using printpath

Comment 2 Dmitry V. Levin 2004-12-20 01:47:25 UTC
There are few more MS_* flags in the current kernel which could be
added altogether.

Comment 3 Roland McGrath 2005-02-02 04:36:37 UTC
I've put the fixes in, though the patch was not complete as is.

Comment 4 Tim Powers 2005-05-19 21:10:02 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-131.html



Note You need to log in before you can comment on or make changes to this bug.