performance/quick-read: Fix access of freed memory in qr_open_cbk.

- It may so happen that current frame might be unwound and
    local might be freed when waiting operations are resumed.
    Hence store the information of whether this frame belongs
    to an open call in a local variable, instead accessing the
    flag from local at the end of qr_open_cbk.

Signed-off-by: Anand V. Avati <avati@dev.gluster.com>

BUG: 231 (Quick-read: Fix access of freed memory in qr_open_cbk.)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=231

1 files changed, 9 insertions, 1 deletions

diff --git a/xlators/performance/quick-read/src/quick-read.c b/xlators/performance/quick-read/src/quick-read.c
index 7bc912e3d..c63c920a0 100644
--- a/xlators/performance/quick-read/src/quick-read.c
+++ b/xlators/performance/quick-read/src/quick-read.c
@@ -293,8 +293,16 @@ qr_open_cbk (call_frame_t *frame, void *cookie, xlator_t *this, int32_t op_ret,
         qr_file_t       *qr_file = NULL;
         qr_fd_ctx_t     *qr_fd_ctx = NULL;
         call_stub_t     *stub = NULL, *tmp = NULL;
+        char             is_open = 0;
 
         local = frame->local;
+        if (local == NULL) {
+                op_ret = -1;
+                op_errno = EINVAL;
+        } else {
+                is_open = local->is_open;
+        }
+
         INIT_LIST_HEAD (&waiting_ops);
 
         ret = fd_ctx_get (fd, this, &value);
@@ -347,7 +355,7 @@ qr_open_cbk (call_frame_t *frame, void *cookie, xlator_t *this, int32_t op_ret,
                 }
         }
 out: 
-        if (local && local->is_open) { 
+        if (is_open) {
                 STACK_UNWIND (frame, op_ret, op_errno, fd);
         }