protocol/client: fix memory corruption

There was an issue when some accesses to saved_fds list were protected by the wrong mutex (lock instead of fd_lock). Additionally, the retrieval of fdctx from fd's context and any checks done on it have also been protected by fd_lock to avoid fdctx to become outdated just after retrieving it. Change-Id: If2910508bcb7d1ff23debb30291391f00903a6fe BUG: 1553129 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
author: Xavi Hernandez <xhernandez@redhat.com> 2018-03-09 22:48:33 +0100
committer: Xavi Hernandez <xhernandez@redhat.com> 2018-03-09 23:31:29 +0100
commit: 157e55fe43ba13f04452aa11f42200b279fb4f7a (patch)
tree: 8ea7ab1685741b8236fde8a7accc611e98d73acc /xlators/protocol/client/src/client-helpers.c
parent: 940f870f4716f9cd32c68db95aa326a0ae87bf03 (diff)
1 files changed, 21 insertions, 13 deletions
diff --git a/xlators/protocol/client/src/client-helpers.c b/xlators/protocol/client/src/client-helpers.c
index 465de2a52d4..d0ccca73fe5 100644
--- a/xlators/protocol/client/src/client-helpers.c
+++ b/xlators/protocol/client/src/client-helpers.c
@@ -424,20 +424,20 @@ client_get_remote_fd (xlator_t *this, fd_t *fd, int flags, int64_t *remote_fd)
         GF_VALIDATE_OR_GOTO (this->name, fd, out);
         GF_VALIDATE_OR_GOTO (this->name, remote_fd, out);
 
-        fdctx = this_fd_get_ctx (fd, this);
-        if (!fdctx) {
-                *remote_fd = GF_ANON_FD_NO;
-        } else {
-                conf = this->private;
-                pthread_spin_lock (&conf->fd_lock);
-                {
+        conf = this->private;
+        pthread_spin_lock (&conf->fd_lock);
+        {
+                fdctx = this_fd_get_ctx (fd, this);
+                if (!fdctx) {
+                        *remote_fd = GF_ANON_FD_NO;
+                } else {
                         if (__is_fd_reopen_in_progress (fdctx))
                                 *remote_fd = -1;
                         else
                                 *remote_fd = fdctx->remote_fd;
                 }
-                pthread_spin_unlock (&conf->fd_lock);
         }
+        pthread_spin_unlock (&conf->fd_lock);
 
         if ((flags & FALLBACK_TO_ANON_FD) && (*remote_fd == -1))
                 *remote_fd = GF_ANON_FD_NO;
@@ -450,13 +450,21 @@ out:
 gf_boolean_t
 client_is_reopen_needed (fd_t *fd, xlator_t *this, int64_t remote_fd)
 {
+        clnt_conf_t     *conf  = NULL;
         clnt_fd_ctx_t   *fdctx = NULL;
+        gf_boolean_t     res = _gf_false;
+
+        conf = this->private;
+        pthread_spin_lock(&conf->fd_lock);
+        {
+                fdctx = this_fd_get_ctx (fd, this);
+                if (fdctx && (fdctx->remote_fd == -1) &&
+                    (remote_fd == GF_ANON_FD_NO))
+                        res = _gf_true;
+        }
+        pthread_spin_unlock(&conf->fd_lock);
 
-        fdctx = this_fd_get_ctx (fd, this);
-        if (fdctx && (fdctx->remote_fd == -1) &&
-            (remote_fd == GF_ANON_FD_NO))
-                return _gf_true;
-        return _gf_false;
+        return res;
 }
 
 int
author	Xavi Hernandez <xhernandez@redhat.com>	2018-03-09 22:48:33 +0100
committer	Xavi Hernandez <xhernandez@redhat.com>	2018-03-09 23:31:29 +0100
commit	157e55fe43ba13f04452aa11f42200b279fb4f7a (patch)
tree	8ea7ab1685741b8236fde8a7accc611e98d73acc /xlators/protocol/client/src/client-helpers.c
parent	940f870f4716f9cd32c68db95aa326a0ae87bf03 (diff)