[PATCH] erofs-utils: lib: fix xattr crash in rebuild path when source has xattr
lishixian
lishixian8 at huawei.com
Tue Mar 3 00:03:56 AEDT 2026
When rebuilding from source EROFS images, erofs_read_xattrs_from_disk()
is called for inodes that have xattr. At that point inode->sbi points to
the source image's sbi, which is opened read-only and never gets
erofs_xattr_init(), so sbi->xamgr is NULL. get_xattritem(sbi) then
dereferences xamgr and crashes with SIGSEGV.
Fix by using the build target's xamgr when initializing src's sbi.
Reported-by: Yixiao Chen <489679970 at qq.com>
Fixes: https://github.com/erofs/erofs-utils/issues/42
Signed-off-by: lishixian <lishixian8 at huawei.com>
Reviewed-by: Yifan Zhao <zhaoyifan28 at huawei.com>
---
lib/rebuild.c | 1 +
mkfs/main.c | 1 +
2 files changed, 2 insertions(+)
diff --git a/lib/rebuild.c b/lib/rebuild.c
index f89a17c..f1e79c1 100644
--- a/lib/rebuild.c
+++ b/lib/rebuild.c
@@ -437,6 +437,7 @@ int erofs_rebuild_load_tree(struct erofs_inode *root, struct erofs_sb_info *sbi,
erofs_err("failed to read superblock of %s", fsid);
return ret;
}
+ sbi->xamgr = g_sbi.xamgr;
inode.nid = sbi->root_nid;
inode.sbi = sbi;
diff --git a/mkfs/main.c b/mkfs/main.c
index b84d1b4..cb0f0cc 100644
--- a/mkfs/main.c
+++ b/mkfs/main.c
@@ -1011,6 +1011,7 @@ static void erofs_rebuild_cleanup(void)
list_for_each_entry_safe(src, n, &rebuild_src_list, list) {
list_del(&src->list);
+ src->xamgr = NULL; /* borrowed from g_sbi, do not free */
erofs_put_super(src);
erofs_dev_close(src);
free(src);
--
2.47.3
More information about the Linux-erofs
mailing list