path: root/xlators/encryption/crypt
diff options
authorEmmanuel Dreyfus <>2015-04-08 10:49:07 +0200
committerVijay Bellur <>2015-04-11 18:11:11 +0000
commitd10bd788fada54ad095e19b5aedf949e23fdabb2 (patch)
tree3cace28691af65cd2ffea104e6f36c80f7cf09e7 /xlators/encryption/crypt
parent169ea3e4939b79e5f658d44ac190221324a8967f (diff)
crypt xlator: Fix memory coruption after free
crypt xlator allocated local memory through mem_get0(), but code called through STACK_DESTROY()/FRAME_DESTROY() does not expect memory to be allocated that way: it will use GF_FREE() even for data allocated by mem_get0(), which should be given the mem_put() treatment. As a result, allocating using mem_get0(), while relying on FRAME_DESTROY() cleanup led to memory corruption. Using GF_CALLOC() instead of mem_get0() sets memory allocation on par with cleanup code, and crypt.t can pass on NetBSD. The initial patch was crafted by Raghavendra Talur. BUG: 1129939 Change-Id: Ib71b4b57f8d1bb782f950e3c8fa74a4f7e10946e Signed-off-by: Emmanuel Dreyfus <> Reviewed-on: Tested-by: Gluster Build System <> Reviewed-by: Kaleb KEITHLEY <> Reviewed-by: Vijay Bellur <>
Diffstat (limited to 'xlators/encryption/crypt')
2 files changed, 2 insertions, 1 deletions
diff --git a/xlators/encryption/crypt/src/crypt-mem-types.h b/xlators/encryption/crypt/src/crypt-mem-types.h
index 2eab921fcba..1954c579423 100644
--- a/xlators/encryption/crypt/src/crypt-mem-types.h
+++ b/xlators/encryption/crypt/src/crypt-mem-types.h
@@ -24,6 +24,7 @@ enum gf_crypt_mem_types_ {
+ gf_crypt_mt_local,
diff --git a/xlators/encryption/crypt/src/crypt.c b/xlators/encryption/crypt/src/crypt.c
index 2c296061ff7..5387f84303c 100644
--- a/xlators/encryption/crypt/src/crypt.c
+++ b/xlators/encryption/crypt/src/crypt.c
@@ -48,7 +48,7 @@ static crypt_local_t *crypt_alloc_local(call_frame_t *frame, xlator_t *this,
crypt_local_t *local = NULL;
- local = mem_get0(this->local_pool);
+ local = GF_CALLOC (1, sizeof (*local), gf_crypt_mt_local);
if (!local) {
gf_log(this->name, GF_LOG_ERROR, "out of memory");
return NULL;