From: Jeff Mahoney <jeffm@suse.com>
Date: Tue, 22 Aug 2017 15:01:30 +0000 (-0500)
Subject: fsr: fix uninitialized fs usage after timeout
X-Git-Tag: v4.13.0-rc1~20
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8d2666e3f66c263946b47155f3764f64ce64d684;p=thirdparty%2Fxfsprogs-dev.git

fsr: fix uninitialized fs usage after timeout

In the main loop of fsrallfs, we exit when we've hit the timeout but
we increment fs before we get there.  If we're operating on the last
file system in the array, we'll hit an uninitialized fsdesc and
crash in fsrall_cleanup.

Signed-off-by: Jeff Mahoney <jeffm@suse.com>
[sandeen: change Jeff's for(; loop]
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
---

diff --git a/fsr/xfs_fsr.c b/fsr/xfs_fsr.c
index d4846a320..2a18ce082 100644
--- a/fsr/xfs_fsr.c
+++ b/fsr/xfs_fsr.c
@@ -600,12 +600,7 @@ fsrallfs(char *mtab, int howlong, char *leftofffile)
 	/* reorg for 'howlong' -- checked in 'fsrfs' */
 	while (endtime > time(0)) {
 		pid_t pid;
-		if (fs == fsend)
-			fs = fsbase;
-		if (fs->npass == npasses) {
-			fsrprintf(_("Completed all %d passes\n"), npasses);
-			break;
-		}
+
 		if (npasses > 1 && !fs->npass)
 			Mflag = 1;
 		else
@@ -631,6 +626,12 @@ fsrallfs(char *mtab, int howlong, char *leftofffile)
 		startino = 0;  /* reset after the first time through */
 		fs->npass++;
 		fs++;
+		if (fs == fsend)
+			fs = fsbase;
+		if (fs->npass == npasses) {
+			fsrprintf(_("Completed all %d passes\n"), npasses);
+			break;
+		}
 	}
 	fsrall_cleanup(endtime <= time(0));
 }