libmount: fix use-after free, etc. [coverity scan]

* remove dead code in mnt_fs_fetch_statmount()
* fix use-after-free in table_init_listmount()
* return from lsmnt_to_table() if list not defined

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/libmount/src/fs_statmount.c b/libmount/src/fs_statmount.c
index c44e822995c3c8397d90983ee65c91445b31ff7b..b7570e032096431fcb0d7ebf94f843749ee896ad 100644 (file)
--- a/libmount/src/fs_statmount.c
+++ b/libmount/src/fs_statmount.c
@@ -349,8 +349,6 @@ int mnt_fs_fetch_statmount(struct libmnt_fs *fs, uint64_t mask)
                if (!fs->ns_id)
                        mask |= STATMOUNT_MNT_NS_ID;
        }
-       if (!mask)
-               goto done;
 
        if (fs->ns_id)
                ns = fs->ns_id;

diff --git a/libmount/src/tab_listmount.c b/libmount/src/tab_listmount.c
index e55786f27812b7730ab7a7f6e14f70ee764c0cc6..1ccdf2e77e7e32c80078e6052641d7f3be864e37 100644 (file)
--- a/libmount/src/tab_listmount.c
+++ b/libmount/src/tab_listmount.c
@@ -123,16 +123,16 @@ static int table_init_listmount(struct libmnt_table *tb, size_t stepsiz)
        }
 
        /* reuse old setting */
-       if (tb->lsmnt) {
+       if (tb->lsmnt && ls != tb->lsmnt) {
                ls->id = tb->lsmnt->id;
                ls->ns = tb->lsmnt->ns;
                ls->last = tb->lsmnt->last;
                ls->enabled = tb->lsmnt->enabled;
                ls->reverse = tb->lsmnt->reverse;
                free(tb->lsmnt);
-       }
 
-       tb->lsmnt = ls;
+               tb->lsmnt = ls;
+       }
 
        DBG(TAB, ul_debugobj(tb, "listmount: init [step=%zu]", ls->stepsiz));
        return 0;
@@ -259,6 +259,8 @@ static int lsmnt_to_table(
        size_t i;
        struct libmnt_fs *prev = NULL;
 
+       if (!ls)
+               return -EINVAL;
        if (reverse)
                mnt_table_first_fs(tb, &prev);
        else
@@ -279,7 +281,7 @@ static int lsmnt_to_table(
                if (fs) {
                        fs->flags |= MNT_FS_KERNEL;
                        mnt_fs_set_uniq_id(fs, id);
-                       if (ls && ls->ns)
+                       if (ls->ns)
                                mnt_fs_set_ns(fs, ls->ns);
 
                        rc = mnt_table_insert_fs(tb, reverse, prev, fs);