leases: Reset lease_ctx->timer post deletion

To avoid use_after_free, reset lease_ctx->timer back to NULL after the structure has been freed. Change-Id: Icd213ec809b8af934afdb519c335a4680a1d6cdc updates: bz#1655532 Signed-off-by: Soumya Koduri <skoduri@redhat.com> (cherry picked from commit a9b0003c717087ff168bc143c70559162e53e0d5)
author: Soumya Koduri <skoduri@redhat.com> 2019-01-09 21:06:49 +0530
committer: Soumya Koduri <skoduri@redhat.com> 2019-01-09 21:08:39 +0530
commit: cc486da3ebb00ac4730df4ae03d04ec64e0e965c (patch)
tree: 10dfa56b3e958f1fb7cefb5c2dd1dd98ac3d81c8
parent: 94807aacbe488863ad2016f6abfdf404fe769bf8 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/xlators/features/leases/src/leases-internal.c b/xlators/features/leases/src/leases-internal.c
index 8695c9b2538..61928597f8f 100644
--- a/xlators/features/leases/src/leases-internal.c
+++ b/xlators/features/leases/src/leases-internal.c
@@ -694,6 +694,7 @@ __remove_lease (xlator_t *this, inode_t *inode, lease_inode_ctx_t *lease_ctx,
         if (lease_ctx->lease_cnt == 0 && lease_ctx->timer) {
                 ret = gf_tw_del_timer (priv->timer_wheel, lease_ctx->timer);
                 lease_ctx->recall_in_progress = _gf_false;
+                lease_ctx->timer = NULL;
         }
 out:
         return ret;
author	Soumya Koduri <skoduri@redhat.com>	2019-01-09 21:06:49 +0530
committer	Soumya Koduri <skoduri@redhat.com>	2019-01-09 21:08:39 +0530
commit	cc486da3ebb00ac4730df4ae03d04ec64e0e965c (patch)
tree	10dfa56b3e958f1fb7cefb5c2dd1dd98ac3d81c8
parent	94807aacbe488863ad2016f6abfdf404fe769bf8 (diff)