| author | Vikas Gorur <vikas@gluster.com> | 2010-01-25 05:59:28 +0000 | 
|---|---|---|
| committer | Anand V. Avati <avati@dev.gluster.com> | 2010-01-25 04:39:09 -0800 | 
| commit | 4c20b5377e4a73a684ba3bb091380fd0f19731ca (patch) | |
| tree | 8cacf5a9d999f4d5c6fab4bcdc89b89ac042c1d5 | |
| parent | e468531dcba808e71a13d3479b6f31a52f745f59 (diff) | |
storage/posix: Fix an access-after-free bug in release() and releasedir().v3.0.1
Signed-off-by: Vikas Gorur <vikas@gluster.com>
Signed-off-by: Anand V. Avati <avati@dev.gluster.com>
BUG: 533 (close() should not block main loop)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=533
| -rw-r--r-- | xlators/storage/posix/src/posix.c | 32 | 
1 files changed, 15 insertions, 17 deletions
diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
index c9342ac4d..6b8aa5a92 100644
--- a/xlators/storage/posix/src/posix.c
+++ b/xlators/storage/posix/src/posix.c
@@ -1125,6 +1125,13 @@ posix_releasedir (xlator_t *this,
         priv = this->private;
+        if (!pfd->path) {
+                op_errno = EBADFD;
+                gf_log (this->name, GF_LOG_DEBUG,
+                        "pfd->path was NULL. fd=%p pfd=%p",
+                        fd, pfd);
+        }
+
         pthread_mutex_lock (&priv->janitor_lock);
         {
                 INIT_LIST_HEAD (&pfd->list);
@@ -1133,14 +1140,6 @@ posix_releasedir (xlator_t *this,
         }
         pthread_mutex_unlock (&priv->janitor_lock);
-        if (!pfd->path) {
-                op_errno = EBADFD;
-                gf_log (this->name, GF_LOG_DEBUG,
-                        "pfd->path was NULL. fd=%p pfd=%p",
-                        fd, pfd);
-                goto out;
-        }
-
         op_ret = 0;

 out:
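Review bot: In posix_releasedir the `if (!pfd->path)` branch now only logs: with the `goto out` removed, control falls through to the janitor queueing and then to `op_ret = 0;` (visible in the following hunk), so the `op_errno = EBADFD;` store is never reported to anyone. If the fall-through is deliberate, presumably so that the janitor thread still reclaims the descriptor, say so with a comment such as `/* no goto: pfd must still be handed to the janitor */` and drop the dead assignment. The `if (pfd->dir)` branch in posix_release has the same shape after this commit; whether its `op_ret = -1;` survives depends on code outside that hunk. The body of posix_releasedir starts and ends outside this hunk.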
@@ -2782,23 +2781,22 @@ posix_release (xlator_t *this,
         _fd = pfd->fd;
-        pthread_mutex_lock (&priv->janitor_lock);
-        {
-                INIT_LIST_HEAD (&pfd->list);
-                list_add_tail (&pfd->list, &priv->janitor_fds);
-                pthread_cond_signal (&priv->janitor_cond);
-        }
-        pthread_mutex_unlock (&priv->janitor_lock);
-
         if (pfd->dir) {
 		op_ret = -1;
                 op_errno = EBADF;
                 gf_log (this->name, GF_LOG_DEBUG,
                         "pfd->dir is %p (not NULL) for file fd=%p",
                         pfd->dir, fd);
-                goto out;
         }
+        pthread_mutex_lock (&priv->janitor_lock);
+        {
+                INIT_LIST_HEAD (&pfd->list);
+                list_add_tail (&pfd->list, &priv->janitor_fds);
+                pthread_cond_signal (&priv->janitor_cond);
+        }
+        pthread_mutex_unlock (&priv->janitor_lock);
+
         LOCK (&priv->lock);
         {
                 priv->stats.nr_files--;  |
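Review bot: Nothing in posix_release marks the point where `pfd` stops being safe to touch: once `pthread_mutex_unlock (&priv->janitor_lock);` returns, the janitor thread may already be working on the queued entry, which is the ordering this commit had to correct. Add a comment directly after the unlock, for example `/* pfd is owned by the janitor thread from here on; do not dereference it */`, and consider `pfd = NULL;` on the next line so that a later edit which reintroduces a read fails immediately instead of racing with the free. The visible lines after the unlock touch only `priv`; the rest of the function lies outside the hunk and should be checked for any remaining use of `pfd`.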
