The yaffs_remount_common() and yaffs_unmount2_common() functions unconditionally call yaffsfs_CheckMemRegion() and yaffsfs_CheckPath() for their 'path' parameter. Meanwhile, the calls to these functions in yaffs_remount_reldev() and yaffs_unmount*_reldev() set the 'path' argument to NULL. This prevents remounting and unmounting from working properly when yaffs_*_reldev() functions are used. Fix by only calling yaffsfs_CheckMemRegion() and yaffsfs_CheckPath() from yaffs_remount_common() and yaffs_unmount2_common() if the 'dev' parameter is not NULL, similarly to what other yaffs_*_common() functions do. Signed-off-by: Michał Kępień --- direct/yaffsfs.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/direct/yaffsfs.c b/direct/yaffsfs.c index d1e4e4e..b00a1d3 100644 --- a/direct/yaffsfs.c +++ b/direct/yaffsfs.c @@ -3052,14 +3052,16 @@ int yaffs_remount_common(struct yaffs_dev *dev, const YCHAR *path, int retVal = -1; int was_read_only; - if (yaffsfs_CheckMemRegion(path, 0, 0) < 0) { - yaffsfs_SetError(-EFAULT); - return -1; - } + if (!dev) { + if (yaffsfs_CheckMemRegion(path, 0, 0) < 0) { + yaffsfs_SetError(-EFAULT); + return -1; + } - if (yaffsfs_CheckPath(path) < 0) { - yaffsfs_SetError(-ENAMETOOLONG); - return -1; + if (yaffsfs_CheckPath(path) < 0) { + yaffsfs_SetError(-ENAMETOOLONG); + return -1; + } } yaffsfs_Lock(); @@ -3106,14 +3108,16 @@ int yaffs_unmount2_common(struct yaffs_dev *dev, const YCHAR *path, int force) { int retVal = -1; - if (yaffsfs_CheckMemRegion(path, 0, 0) < 0) { - yaffsfs_SetError(-EFAULT); - return -1; - } + if (!dev) { + if (yaffsfs_CheckMemRegion(path, 0, 0) < 0) { + yaffsfs_SetError(-EFAULT); + return -1; + } - if (yaffsfs_CheckPath(path) < 0) { - yaffsfs_SetError(-ENAMETOOLONG); - return -1; + if (yaffsfs_CheckPath(path) < 0) { + yaffsfs_SetError(-ENAMETOOLONG); + return -1; + } } yaffsfs_Lock(); -- 2.33.0