Re: [PATCH] src/fill2: fix segfault during fopen error cleanup




On Thu, Jun 12, 2025 at 09:05:13PM +0200, Anthony Iliopoulos wrote:
> When fill2 fails to open the output file (e.g. due to ENOSPC), it jumps
> into the cleanup code where it attempts to call fclose, and this causes
> a segfault within the glibc fclose code as it attempts to deref a null
> pointer.
> 
> Fix it by conditionally calling fclose on the file pointer only when
> non-null.
> 
> This is consistently reproducible with xfs/041.
> 
> Signed-off-by: Anthony Iliopoulos <ailiop@xxxxxxxx>

Well I guess a NULL pointer is an "illegal pointer" as the manpage says,
so

Reviewed-by: "Darrick J. Wong" <djwong@xxxxxxxxxx>

--D

> ---
>  src/fill2.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/fill2.c b/src/fill2.c
> index 4cc1c3d79a98..37ed00b1d9b1 100644
> --- a/src/fill2.c
> +++ b/src/fill2.c
> @@ -307,7 +307,7 @@ main(int argc, char **argv)
>   cleanup:
>  
>      /* close file and flush buffers - check if this fails */
> -    if (fclose(f) != 0) {
> +    if (f && fclose(f) != 0) {
>  	fprintf(stderr, "fill2: fclose() on \"%s\" failed: %s\n",
>  		dfile, strerror(errno));
>  	status = 1;
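Review bot: the `f &&` guard is the right fix, but the comment just above it ("close file and flush buffers - check if this fails") still reads as though `f` is always open by the time control reaches `cleanup:`; extend it to say that `f` is NULL when the fopen() error path jumps here, so the NULL test is not mistaken for dead code later. Also worth confirming that the fopen() failure path already sets `status = 1` before its goto, since skipping fclose() now also skips the only `status = 1` assignment visible in this hunk.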
> -- 
> 2.44.0
> 
> 
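The failure mode in the patch above, shown as an added standalone example rather than code from fill2 or xfstests: a small file-filling routine with the same goto-cleanup shape, where `fopen()` can fail (unwritable directory, ENOSPC) and the cleanup label must not hand a NULL `FILE *` to `fclose()`. The function name `fill_file` and its arguments are invented for this illustration; the NULL-guarded `fclose()` mirrors the fix in the patch.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical example (not fill2's code): write nbytes copies of `byte`
 * to `path`. Returns 0 on success, 1 on any failure. All error paths jump
 * to the single cleanup label, so the cleanup code must cope with a FILE *
 * that was never opened.
 */
int fill_file(const char *path, size_t nbytes, char byte)
{
	FILE *f = NULL;   /* NULL until fopen() succeeds */
	int status = 0;
	size_t i;

	f = fopen(path, "w");
	if (f == NULL) {
		fprintf(stderr, "fill: fopen() of \"%s\" failed: %s\n",
			path, strerror(errno));
		status = 1;
		goto cleanup;
	}

	for (i = 0; i < nbytes; i++) {
		if (fputc(byte, f) == EOF) {
			fprintf(stderr, "fill: write to \"%s\" failed: %s\n",
				path, strerror(errno));
			status = 1;
			goto cleanup;
		}
	}

cleanup:
	/*
	 * f is NULL when we arrived here from the fopen() error path.
	 * fclose(NULL) is undefined behaviour and dereferences the pointer
	 * in glibc, so only close what was actually opened. The flush done
	 * by fclose() can itself fail (e.g. ENOSPC), so its result is checked.
	 */
	if (f && fclose(f) != 0) {
		fprintf(stderr, "fill: fclose() on \"%s\" failed: %s\n",
			path, strerror(errno));
		status = 1;
	}
	return status;
}

/* Helper for checking results: size of `path` in bytes, or -1 on error. */
long file_size(const char *path)
{
	FILE *f = fopen(path, "rb");
	long size;

	if (f == NULL)
		return -1;
	if (fseek(f, 0, SEEK_END) != 0) {
		fclose(f);
		return -1;
	}
	size = ftell(f);
	fclose(f);
	return size;
}

int main(void)
{
	/* Constructed paths: one unwritable, one in the current directory. */
	int bad = fill_file("/nonexistent-dir-for-example/out.bin", 16, 'x');
	int good = fill_file("fill_example.bin", 16, 'x');

	printf("unwritable path -> status %d (no crash)\n", bad);
	printf("writable path   -> status %d, %ld bytes\n",
	       good, file_size("fill_example.bin"));
	remove("fill_example.bin");
	return 0;
}
```

Without the `f &&` guard, the first call would crash inside `fclose()` exactly as the patch describes instead of reporting the fopen() error and returning 1.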
