svn commit: r349282 - projects/fuse2/sys/fs/fuse

Alan Somers asomers at FreeBSD.org
Fri Jun 21 23:29:30 UTC 2019 

Author: asomers
Date: Fri Jun 21 23:29:29 2019
New Revision: 349282
URL: https://svnweb.freebsd.org/changeset/base/349282

Log:
  fusefs: fix corruption on short reads caused by r349279
  
  Even if a short read is caused by EOF, it's still necessary to bzero the
  remaining buffer, because that buffer could become valid as a result of a
  future ftruncate or pwrite operation.
  
  Reported by:	fsx
  Sponsored by:	The FreeBSD Foundation

Modified:
  projects/fuse2/sys/fs/fuse/fuse_io.c

Modified: projects/fuse2/sys/fs/fuse/fuse_io.c
==============================================================================
--- projects/fuse2/sys/fs/fuse/fuse_io.c	Fri Jun 21 23:29:16 2019	(r349281)
+++ projects/fuse2/sys/fs/fuse/fuse_io.c	Fri Jun 21 23:29:29 2019	(r349282)
@@ -899,33 +899,37 @@ fuse_io_strategy(struct vnode *vp, struct buf *bp)
 		error = fuse_read_directbackend(vp, uiop, cred, fufh);
 
 		if (!error && uiop->uio_resid) {
-			/*
-			 * A short read with no error, when not using direct io,
-			 * and when no writes are cached, indicates EOF.
-			 * Update the file size accordingly.
-	                 */
+			int nread = bp->b_bcount - uiop->uio_resid;
+			int left = uiop->uio_resid;
+			bzero((char *)bp->b_data + nread, left);
+
 			if (fuse_data_cache_mode != FUSE_CACHE_WB || 
 			    (fvdat->flag & FN_SIZECHANGE) == 0) {
-				SDT_PROBE2(fusefs, , io, trace, 1,
-					"Short read of a clean file");
-				/* 
+				/*
+				 * A short read with no error, when not using
+				 * direct io, and when no writes are cached,
+				 * indicates EOF.  Update the file size
+				 * accordingly.  We must still bzero the
+				 * remaining buffer so uninitialized data
+				 * doesn't get exposed by a future truncate
+				 * that extends the file.
+				 * 
 				 * XXX To prevent lock order problems, we must
 				 * truncate the file upstack
 				 */
+				SDT_PROBE2(fusefs, , io, trace, 1,
+					"Short read of a clean file");
 			} else {
 				/*
 				 * If dirty writes _are_ cached beyond EOF,
 				 * that indicates a newly created hole that the
-				 * server doesn't know about.  Fill it in.
+				 * server doesn't know about.
 				 * XXX: we don't currently track whether dirty
 				 * writes are cached beyond EOF, before EOF, or
 				 * both.
 				 */
 				SDT_PROBE2(fusefs, , io, trace, 1,
 					"Short read of a dirty file");
-				int nread = bp->b_bcount - uiop->uio_resid;
-				int left = uiop->uio_resid;
-				bzero((char *)bp->b_data + nread, left);
 				uiop->uio_resid = 0;
 			}

More information about the svn-src-projects mailing list