From 2a20eebccf88b3be2c56d4b5cd6cb4466b289e4f Mon Sep 17 00:00:00 2001
From: Tomohiro Kusumi <tkusumi@tuxera.com>
Date: Tue, 24 Jan 2017 00:13:10 +0900
Subject: [PATCH] Fix bad pointer du->sysfs_root

There are two call paths for disk_util_add() (usually the second one)
which assigns ->sysfs_root for a newly allocated disk_util*, but both
temppath/foo are local char[] within their stack, so strdup/free it.

-> find_add_disk_slaves(...)
  -> __init_per_file_disk_util(..., temppath)
    -> disk_util_add(..., path)
      -> du->sysfs_root = path; /* == &temppath[0] */

-> init_per_file_disk_util(...)
  -> __init_per_file_disk_util(..., foo)
    -> disk_util_add(..., path)
      -> du->sysfs_root = path; /* == &foo[0] */

Signed-off-by: Tomohiro Kusumi <tkusumi@tuxera.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
---
 diskutil.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/diskutil.c b/diskutil.c
index 27ddb46b..c34841a2 100644
--- a/diskutil.c
+++ b/diskutil.c
@@ -37,6 +37,7 @@ static void disk_util_free(struct disk_util *du)
 	}
 
 	fio_mutex_remove(du->lock);
+	free(du->sysfs_root);
 	sfree(du);
 }
 
@@ -305,7 +306,7 @@ static struct disk_util *disk_util_add(struct thread_data *td, int majdev,
 		return NULL;
 	}
 	strncpy((char *) du->dus.name, basename(path), FIO_DU_NAME_SZ - 1);
-	du->sysfs_root = path;
+	du->sysfs_root = strdup(path);
 	du->major = majdev;
 	du->minor = mindev;
 	INIT_FLIST_HEAD(&du->slavelist);
-- 
2.25.1