[PATCH v3] erofs-utils: fuse: add missing return on getattr error

Ajay Rajera newajay.11r at gmail.com
Sat Mar 21 18:14:55 AEDT 2026


erofsfuse_getattr() calls fuse_reply_err() when
erofs_read_inode_from_disk() fails, but does not return
afterwards. This causes the function to fall through to
erofsfuse_fill_stat() with uninitialized inode data and then
call fuse_reply_attr(), sending a second reply to the same
FUSE request.

Sending two replies to a single FUSE request is undefined
behavior in libfuse and typically triggers an assertion
failure or crash. The uninitialized inode data may also
expose garbage values to userspace.

Fix by adding the missing return after fuse_reply_err().

Signed-off-by: Ajay Rajera <newajay.11r at gmail.com>
---
 fuse/main.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/fuse/main.c b/fuse/main.c
index 82aca8c..b634782 100644
--- a/fuse/main.c
+++ b/fuse/main.c
@@ -265,8 +265,10 @@ static void erofsfuse_getattr(fuse_req_t req, fuse_ino_t ino,
 	struct erofs_inode vi = { .sbi = &g_sbi, .nid = erofsfuse_to_nid(ino) };
 
 	ret = erofs_read_inode_from_disk(&vi);
-	if (ret < 0)
+	if (ret < 0) {
 		fuse_reply_err(req, -ret);
+		return;
+	}
 
 	erofsfuse_fill_stat(&vi, &stbuf);
 	stbuf.st_ino = ino;
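Review bot: The commit message's "uninitialized inode data" does not match the `struct erofs_inode vi = { .sbi = &g_sbi, .nid = ... }` context line at the top of this hunk: a designated initializer zero-fills every member it does not name, so before this fix the fall-through handed a zeroed or partially read inode to erofsfuse_fill_stat(), not stack garbage. Suggest rewording that paragraph to say the reply would be built from an inode that was never successfully read, and, since this is v3, adding a short changelog under the `---` line stating what changed from v2. The added `return;` in the `if (ret < 0)` branch itself looks correct, and nothing acquired between the `vi` declaration and the return is visible in this hunk that would need releasing first.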
-- 
2.51.0.windows.1


