mountd: Possible bug in next_mnt()
From: Richard Weinberger <richard@nod.at>
Date: 2023-03-08 15:06:59
Subsystem:
the rest · Maintainer:
Linus Torvalds
Hi! next_mnt() finds submounts below a given path p. While investigating into an issue in my crossmount patches for nfs-utils I noticed that it does not work when fsid=root, rootdir=/some/path/ and then "/" is being exported. In this case next_mnt() is asked to find submounts of "/" but returns none. In my opinion this wrong because every mount is a submount of "/". The following change fixes the problem on my side but I'm not sure whether "/" is a special case in mountd where next_mnt() has to bail out.
diff --git a/support/export/cache.c b/support/export/cache.c
index 2497d4f48df3..be20cb34adcb 100644
--- a/support/export/cache.c
+++ b/support/export/cache.c@@ -410,13 +410,13 @@ static char *next_mnt(void **v, char *p) *v = f; } else f = *v; - while ((me = getmntent(f)) != NULL && l > 1) { + while ((me = getmntent(f)) != NULL && l >= 1) { char *mnt_dir = nfsd_path_strip_root(me->mnt_dir); if (!mnt_dir) continue; - if (strncmp(mnt_dir, p, l) == 0 && mnt_dir[l] == '/') + if (strncmp(mnt_dir, p, l) == 0 && (l == 1 || mnt_dir[l] == '/')) return mnt_dir; } endmntent(f);
Comments? :-) Thanks, //richard