On Friday 21 December 2007 13:41:40 Martin Fouts wrote:
> One of our developers is running regression tests against yaffs and
> reports the following:
>
> yaffs_RenameObject line 2460 yaffs_guts.c
>
> The return value from yaffs_FindObjectByName(oldDir, oldName) is not
> checked before being dereferenced. This causes a crash when renaming an
> invalid file.
>
> Example...
> mkdir a
> mv a/. c
>
> He worked around it in our calling code by making sure that
> yaffs_RenameObject is never getting indirectly called if the source
> object doesn't exist.
>
> But we're wondering if it's a bug that should be fixed in yaffs_guts.
From a cursory glance, both the Linux and yaffs direct would seem to check
sanity before entering yaffs_guts.c
Still, I think this is worth checking since it is pretty cheap.
-- CHarles
>
> Suggestions?
>
> _______________________________________________
> yaffs mailing list
> yaffs@lists.aleph1.co.uk
> http://lists.aleph1.co.uk/cgi-bin/mailman/listinfo/yaffs
(text/plain)