MFS using NULL handle

adyr · ‎01-27-2017

I have found a bug in MFS_Open_file the mfs_open.c file. A snippet of the code is shown below:

            /* Lookup entry  with the requested name in the directory */
            error_code = MFS_scan_dir_chain(drive_ptr, &dir_chain, entry_name, &dir_entry, &entry_sector, &entry_index, NULL);
            if (error_code == MFS_NO_ERROR)
            {
                /* Check if it is a regular file and verify permissions */
                if (dir_entry.ATTRIBUTE[0] & (MFS_ATTR_DIR_NAME | MFS_ATTR_VOLUME_NAME))
                {
                    error_code = MFS_ACCESS_DENIED;
                }
                else if ((dir_entry.ATTRIBUTE[0] & MFS_ATTR_READ_ONLY) && ((fsflags & MFS_O_ACCMODE) != MFS_O_RDONLY))
                {
                    error_code = MFS_ACCESS_DENIED;
                }
                else
                {
                    MFS_HANDLE_PTR existing_handle;
                    /* Check to see if the file is already opened */
                    existing_handle = MFS_Find_handle_new(drive_ptr, entry_sector, entry_index);
                    /* Create new handle possibly associating it with the existing one */
                    handle = MFS_Create_handle(drive_ptr, existing_handle);
                    if (handle == NULL)
                    {
                        error_code = MFS_INSUFFICIENT_MEMORY;
                    }
                    /* Fill in data in the directory entry, unless it was associated with an existing handle (i.e. already filled in) */
                    if (existing_handle == NULL)
                    {
                        MFS_dir_entry_from_disk(drive_ptr, handle->DIR_ENTRY, &dir_entry);
                        handle->DIR_ENTRY->ENTRY_SECTOR = entry_sector;
                        handle->DIR_ENTRY->ENTRY_INDEX = entry_index;
                        handle->DIR_ENTRY->DIRTY = 0;
                    }
                }
            }
        }‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

The problem is if handle comes back as NULL from MFS_Create_handle, the error_code is set but the NULL handle is still used in the call to MFS_dir_entry_from_disk. This will then generate a bus fault.

I think that putting MFS_dir_entry_from_disk in an else block should solve this:

                    /* Create new handle possibly associating it with the existing one */
                    handle = MFS_Create_handle(drive_ptr, existing_handle);
                    if (handle == NULL)
                    {
                        error_code = MFS_INSUFFICIENT_MEMORY;
                    }
     else
     {
      /* Fill in data in the directory entry, unless it was associated with an existing handle (i.e. already filled in) */
      if (existing_handle == NULL)
      {
       MFS_dir_entry_from_disk(drive_ptr, handle->DIR_ENTRY, &dir_entry);
       handle->DIR_ENTRY->ENTRY_SECTOR = entry_sector;
       handle->DIR_ENTRY->ENTRY_INDEX = entry_index;
       handle->DIR_ENTRY->DIRTY = 0;
      }
     }‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Hope it helps

soledad · ‎01-27-2017

Hi Adrian,

Thank you for your feedback. I will this to our development team.

Could you please mention the MQX version, IDE and device used?

Have a great day,
Sol

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

adyr · ‎01-30-2017

Hi Sol,

Sorry, I should have given the details you mentioned.

I am using MQX for KSDK 1.3 with IAR EWARM and the K66 processor. The same problem is also in classic MQX 4.2.

Best regards,

Adrian.

EAI · ‎01-27-2017

Adrian;

Thank you for reporting this, it has now been fixed.

Craig

MFS using NULL handle

MFS using NULL handle

File System