From e3987ff7a638f9ea8b6794f1ed0df530d8488033 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Apr 2000 18:46:10 +0000 Subject: Fixed crash bugs Andrew pointed out with LOCK4 smbtorture test. Was miscounting posix locks, plus was not taking into account the case where other_fsp == fsp in the 'move locks' case. DOH ! This code will be re-written anyway :-). Jeremy. (This used to be commit 5278ec016cb24d8263fe6e7c1d389f466270ef24) --- source3/include/smb.h | 2 +- source3/locking/locking.c | 17 +++++++---------- source3/smbd/open.c | 12 ++++++++---- 3 files changed, 16 insertions(+), 15 deletions(-) (limited to 'source3') diff --git a/source3/include/smb.h b/source3/include/smb.h index 1559143418..2e11d66729 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -489,7 +489,7 @@ typedef struct files_struct time_t pending_modtime; int oplock_type; int sent_oplock_break; - unsigned int num_posix_locks; + int num_posix_locks; unsigned int num_posix_pending_closes; int *posix_pending_close_fds; BOOL can_lock; diff --git a/source3/locking/locking.c b/source3/locking/locking.c index 811dfbc101..b61e8acedc 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -284,7 +284,7 @@ static BOOL is_posix_locked(files_struct *fsp, SMB_BIG_UINT u_offset, SMB_BIG_UI SMB_OFF_T count; DEBUG(10,("is_posix_locked: File %s, offset = %.0f, count = %.0f, type = %s\n", - fsp->fsp_name, (double)offset, (double)count, lock_type_name(lock_type) )); + fsp->fsp_name, (double)u_offset, (double)u_count, lock_type_name(lock_type) )); /* * If the requested lock won't fit in the POSIX range, we will @@ -315,7 +315,7 @@ static BOOL set_posix_lock(files_struct *fsp, SMB_BIG_UINT u_offset, SMB_BIG_UIN BOOL ret = True; DEBUG(5,("set_posix_lock: File %s, offset = %.0f, count = %.0f, type = %s\n", - fsp->fsp_name, (double)offset, (double)count, lock_type_name(lock_type) )); + fsp->fsp_name, (double)u_offset, (double)u_count, lock_type_name(lock_type) )); /* * If the requested lock won't fit in the POSIX range, we will @@ -350,17 +350,15 @@ static BOOL release_posix_lock(files_struct *fsp, SMB_BIG_UINT u_offset, SMB_BIG BOOL ret = True; DEBUG(5,("release_posix_lock: File %s, offset = %.0f, count = %.0f\n", - fsp->fsp_name, (double)offset, (double)count )); + fsp->fsp_name, (double)u_offset, (double)u_count )); if(u_count == 0) { /* * This lock must overlap with an existing read-only lock - * help by another fd. Just decrement the count but don't - * do any POSIX call. + * help by another fd. Don't do any POSIX call. */ - fsp->num_posix_locks--; return True; } @@ -374,10 +372,7 @@ static BOOL release_posix_lock(files_struct *fsp, SMB_BIG_UINT u_offset, SMB_BIG ret = fcntl_lock(fsp->fd,SMB_F_SETLK,offset,count,F_UNLCK); - if(ret) - fsp->num_posix_locks--; - - return True; + return ret; } /**************************************************************************** @@ -565,6 +560,8 @@ BOOL do_unlock(files_struct *fsp,connection_struct *conn, fsp->num_posix_locks--; + SMB_ASSERT(fsp->num_posix_locks >= 0); + return True; /* Did unlock */ } diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 44bb6ebaf7..c7ca8256d2 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -57,12 +57,16 @@ static BOOL fd_close_posix_locks(files_struct *fsp) { files_struct *other_fsp; - DEBUG(10,("fd_close_posix_locks: file %s: fsp->num_posix_pending_closes = %u.\n", fsp->fsp_name, - (unsigned int)fsp->num_posix_pending_closes )); + DEBUG(10,("fd_close_posix_locks: file %s: fsp->num_posix_pending_closes = %u \ +fsp->posix_pending_close_fds = %lx.\n", fsp->fsp_name, + (unsigned int)fsp->num_posix_pending_closes, (unsigned long)fsp->posix_pending_close_fds )); for(other_fsp = file_find_di_first(fsp->dev, fsp->inode); other_fsp; other_fsp = file_find_di_next(other_fsp)) { + if(other_fsp == fsp) + continue; + if ((other_fsp->fd != -1) && other_fsp->num_posix_locks) { /* @@ -74,8 +78,8 @@ static BOOL fd_close_posix_locks(files_struct *fsp) unsigned int extra_fds = fsp->num_posix_pending_closes + 1; DEBUG(10,("fd_close_posix_locks: file %s: Transferring to \ -file %s, other_fsp->num_posix_pending_closes = %u.\n", - fsp->fsp_name, other_fsp->fsp_name, (unsigned int)other_fsp->num_posix_pending_closes )); +file %s, extra_fds = %u, other_fsp->num_posix_pending_closes = %u.\n", + fsp->fsp_name, other_fsp->fsp_name, extra_fds, (unsigned int)other_fsp->num_posix_pending_closes )); other_fsp->posix_pending_close_fds = (int *)Realloc(other_fsp->posix_pending_close_fds, (other_fsp->num_posix_pending_closes + -- cgit