[PATCH v2 1/2] erofs-utils: fuse: add missing return on getattr error
Gao Xiang
hsiangkao at linux.alibaba.com
Sat Mar 21 17:43:09 AEDT 2026
On 2026/3/21 14:26, Ajay Rajera wrote:
> erofsfuse_getattr() calls fuse_reply_err() when erofs_read_inode_from_disk()
> fails, but does not return afterwards. This causes the function to fall through
> to erofsfuse_fill_stat() with uninitialized inode data and then call
> fuse_reply_attr(), sending a second reply to the same FUSE request.
>
> Sending two replies to a single FUSE request is undefined behavior in libfuse
> and typically triggers an assertion failure or crash. The uninitialized inode
> data may also expose garbage values to userspace.
>
> Fix by adding the missing return after fuse_reply_err().
Each line of the commit message should not exceed 72 chars.
>
> Signed-off-by: Ajay Rajera <newajay.11r at gmail.com>
> ---
> fuse/main.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fuse/main.c b/fuse/main.c
> index 82aca8c..b634782 100644
> --- a/fuse/main.c
> +++ b/fuse/main.c
> @@ -265,8 +265,10 @@ static void erofsfuse_getattr(fuse_req_t req, fuse_ino_t ino,
> struct erofs_inode vi = { .sbi = &g_sbi, .nid = erofsfuse_to_nid(ino) };
>
> ret = erofs_read_inode_from_disk(&vi);
> - if (ret < 0)
> + if (ret < 0) {
> fuse_reply_err(req, -ret);
> + return;
> + }
>
> erofsfuse_fill_stat(&vi, &stbuf);
> stbuf.st_ino = ino;
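
Review bot: the commit message has no Fixes: tag for the fall-through being closed in the `if (ret < 0)` branch of erofsfuse_getattr(); naming the commit that introduced the missing return would let backports pick this up. The hunk covers only this one call site, so it is also worth confirming that no other fuse_reply_err() call in fuse/main.c can be followed by a second reply on the same request.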