protocol/client: fix memory corruption

There was an issue when some accesses to saved_fds list were
protected by the wrong mutex (lock instead of fd_lock).

Additionally, the retrieval of fdctx from fd's context and any
checks done on it have also been protected by fd_lock to avoid
fdctx to become outdated just after retrieving it.

Change-Id: If2910508bcb7d1ff23debb30291391f00903a6fe
BUG: 1553129
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>

1 files changed, 6 insertions, 3 deletions

diff --git a/xlators/protocol/client/src/client-handshake.c b/xlators/protocol/client/src/client-handshake.c
index 74c601bbcbd..5c0b4750e2e 100644
--- a/xlators/protocol/client/src/client-handshake.c
+++ b/xlators/protocol/client/src/client-handshake.c
@@ -926,11 +926,14 @@ client_attempt_reopen (fd_t *fd, xlator_t *this)
 
         conf = this->private;
 
-        fdctx = this_fd_get_ctx (fd, this);
-        if (!fdctx)
-                goto out;
         pthread_spin_lock (&conf->fd_lock);
         {
+                fdctx = this_fd_get_ctx (fd, this);
+                if (!fdctx) {
+                        pthread_spin_unlock(&conf->fd_lock);
+                        goto out;
+                }
+
                 if (__is_fd_reopen_in_progress (fdctx))
                         goto unlock;
                 if (fdctx->remote_fd != -1)