Possible double-free on ext2fs_file_close()

[jhermsmeier]

75.1 % (5212 MB)
*** Error in `node': double free or corruption (out): 0x00007f6bf0000980 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f6c1b9167e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f6c1b91f37a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f6c1b92353c]
/home/jonas/Work/node-ext2fs/build/Release/bindings.node(ext2fs_file_close+0x33)[0x7f6c19674223]
/home/jonas/Work/node-ext2fs/build/Release/bindings.node(_ZN11CloseWorker7ExecuteEv+0x18)[0x7f6c196660f8]
node[0x9e3721]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba)[0x7f6c1bc706ba]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f6c1b9a641d]

Looking at the implementation of ext2fs_file_close(), it seems it can double-free the ext2_file_t file if called twice on the same file structure

[jhermsmeier]

This can be reproduced by reading the resinos-img from jetson-v2.13.0+rev1-xpo-dev.img's resin-rootA partition, and unmounting the extfs after the readstream errors reading the contained resinos image

[AeroNotix]

@acostach I realise you may not work on this component but I'm sure you could figure this one out with your big brainz.

Is this fixed? I'm seeing this locally. I'm using some tooling to flash older tx2 images, so they may have been built a while ago - I've had reports though that this issue has appeared from tooling built recently.

https://github.com/balena-os/jetson-flash doesn't use a package-lock.json file fwiw, I wonder if there's some issues with unlocked dependencies or floating dependencies not pulling in fixed versions of things, assuming that this ticket here is actually fixed.

cc @jhermsmeier -- wondering if you managed to work around this, or found a fix elsewhere.

[AeroNotix]

Oh also, jetson-flash uses 1.0.13 which seems very old. Perhaps time to updoot over there and pull in the latest from this repository?

[acostach]

Hi @AeroNotix , thank for reporting this, I haven't seen this error with jetson-flash so far. Does the issue still occur on your side if you update this package manually in jetson-flash?

~$ cd ~/jetson-flash/
~/jetson-flash$ npm install ext2fs@v3.0.5

I'll update it there anyway, but would be good to know if you still see this with the latest ext2fs version.

Thank you