summaryrefslogtreecommitdiffstats
path: root/xlators/storage/posix
diff options
context:
space:
mode:
authorXavi Hernandez <xhernandez@redhat.com>2019-12-20 14:14:32 +0100
committerAmar Tumballi <amarts@gmail.com>2020-01-10 00:58:19 +0000
commit00c090b093c147a95bfb8fce93f08303993e1995 (patch)
tree537f9d4104bc1290dc2419c4ce9341bc6ee31dc8 /xlators/storage/posix
parent1166df1920dd9b2bd5fce53ab49d27117db40238 (diff)
multiple: fix bad type cast
When using inode_ctx_get() or inode_ctx_set(), a 'uint64_t *' is expected. In many cases, the value to retrieve or store is a pointer, which will be of smaller size in some architectures (for example 32-bits). In this case, directly passing the address of the pointer casted to an 'uint64_t *' is wrong and can cause memory corruption. Change-Id: Iae616da9dda528df6743fa2f65ae5cff5ad23258 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> Fixes: bz#1785611
Diffstat (limited to 'xlators/storage/posix')
-rw-r--r--xlators/storage/posix/src/posix-helpers.c3
-rw-r--r--xlators/storage/posix/src/posix-metadata.c35
2 files changed, 27 insertions, 11 deletions
diff --git a/xlators/storage/posix/src/posix-helpers.c b/xlators/storage/posix/src/posix-helpers.c
index ef3c328..cbc2714 100644
--- a/xlators/storage/posix/src/posix-helpers.c
+++ b/xlators/storage/posix/src/posix-helpers.c
@@ -2858,7 +2858,8 @@ __posix_inode_ctx_get(inode_t *inode, xlator_t *this)
pthread_mutex_init(&ctx_p->write_atomic_lock, NULL);
pthread_mutex_init(&ctx_p->pgfid_lock, NULL);
- ret = __inode_ctx_set(inode, this, (uint64_t *)&ctx_p);
+ ctx_uint = (uint64_t)(uintptr_t)ctx_p;
+ ret = __inode_ctx_set(inode, this, &ctx_uint);
if (ret < 0) {
pthread_mutex_destroy(&ctx_p->xattrop_lock);
pthread_mutex_destroy(&ctx_p->write_atomic_lock);
diff --git a/xlators/storage/posix/src/posix-metadata.c b/xlators/storage/posix/src/posix-metadata.c
index 6e324c8..b188905 100644
--- a/xlators/storage/posix/src/posix-metadata.c
+++ b/xlators/storage/posix/src/posix-metadata.c
@@ -256,6 +256,7 @@ int
__posix_get_mdata_xattr(xlator_t *this, const char *real_path, int _fd,
inode_t *inode, struct iatt *stbuf)
{
+ uint64_t ctx;
posix_mdata_t *mdata = NULL;
int ret = -1;
int op_errno = 0;
@@ -263,7 +264,10 @@ __posix_get_mdata_xattr(xlator_t *this, const char *real_path, int _fd,
/* Handle readdirp: inode might be null, time attributes should be served
* from xattr not from backend's file attributes */
if (inode) {
- ret = __inode_ctx_get1(inode, this, (uint64_t *)&mdata);
+ ret = __inode_ctx_get1(inode, this, &ctx);
+ if (ret == 0) {
+ mdata = (posix_mdata_t *)(uintptr_t)ctx;
+ }
} else {
ret = -1;
}
@@ -288,7 +292,8 @@ __posix_get_mdata_xattr(xlator_t *this, const char *real_path, int _fd,
* down scenario
*/
if (inode) {
- __inode_ctx_set1(inode, this, (uint64_t *)&mdata);
+ ctx = (uint64_t)(uintptr_t)mdata;
+ __inode_ctx_set1(inode, this, &ctx);
}
} else {
/* Failed to get mdata from disk, xattr missing.
@@ -370,6 +375,7 @@ posix_set_mdata_xattr_legacy_files(xlator_t *this, inode_t *inode,
const char *realpath,
struct mdata_iatt *mdata_iatt, int *op_errno)
{
+ uint64_t ctx;
posix_mdata_t *mdata = NULL;
posix_mdata_t imdata = {
0,
@@ -382,10 +388,11 @@ posix_set_mdata_xattr_legacy_files(xlator_t *this, inode_t *inode,
LOCK(&inode->lock);
{
- ret = __inode_ctx_get1(inode, this, (uint64_t *)&mdata);
- if (ret == 0 && mdata) {
+ ret = __inode_ctx_get1(inode, this, &ctx);
+ if (ret == 0 && ctx) {
+ mdata = (posix_mdata_t *)(uintptr_t)ctx;
mdata_already_set = _gf_true;
- } else if (ret == -1 || !mdata) {
+ } else {
mdata = GF_CALLOC(1, sizeof(posix_mdata_t), gf_posix_mt_mdata_attr);
if (!mdata) {
gf_msg(this->name, GF_LOG_ERROR, ENOMEM, P_MSG_NOMEM,
@@ -402,7 +409,8 @@ posix_set_mdata_xattr_legacy_files(xlator_t *this, inode_t *inode,
/* Got mdata from disk. This is a race, another client
* has healed the xattr during lookup. So set it in inode
* ctx */
- __inode_ctx_set1(inode, this, (uint64_t *)&mdata);
+ ctx = (uint64_t)(uintptr_t)mdata;
+ __inode_ctx_set1(inode, this, &ctx);
mdata_already_set = _gf_true;
} else {
*op_errno = 0;
@@ -415,7 +423,8 @@ posix_set_mdata_xattr_legacy_files(xlator_t *this, inode_t *inode,
mdata->mtime.tv_sec = mdata_iatt->ia_mtime;
mdata->mtime.tv_nsec = mdata_iatt->ia_mtime_nsec;
- __inode_ctx_set1(inode, this, (uint64_t *)&mdata);
+ ctx = (uint64_t)(uintptr_t)mdata;
+ __inode_ctx_set1(inode, this, &ctx);
}
}
@@ -464,6 +473,7 @@ posix_set_mdata_xattr(xlator_t *this, const char *real_path, int fd,
struct iatt *stbuf, posix_mdata_flag_t *flag,
gf_boolean_t update_utime)
{
+ uint64_t ctx;
posix_mdata_t *mdata = NULL;
int ret = -1;
int op_errno = 0;
@@ -479,7 +489,10 @@ posix_set_mdata_xattr(xlator_t *this, const char *real_path, int fd,
LOCK(&inode->lock);
{
- ret = __inode_ctx_get1(inode, this, (uint64_t *)&mdata);
+ ret = __inode_ctx_get1(inode, this, &ctx);
+ if (ret == 0) {
+ mdata = (posix_mdata_t *)(uintptr_t)ctx;
+ }
if (ret == -1 || !mdata) {
/*
* Do we need to fetch the data from xattr
@@ -502,7 +515,8 @@ posix_set_mdata_xattr(xlator_t *this, const char *real_path, int fd,
* is hit when in-memory status is lost due to brick
* down scenario
*/
- __inode_ctx_set1(inode, this, (uint64_t *)&mdata);
+ ctx = (uint64_t)(uintptr_t)mdata;
+ __inode_ctx_set1(inode, this, &ctx);
} else {
/*
* This is the first time creating the time attr. This happens
@@ -536,7 +550,8 @@ posix_set_mdata_xattr(xlator_t *this, const char *real_path, int fd,
mdata->mtime.tv_sec = time->tv_sec;
mdata->mtime.tv_nsec = time->tv_nsec;
- __inode_ctx_set1(inode, this, (uint64_t *)&mdata);
+ ctx = (uint64_t)(uintptr_t)mdata;
+ __inode_ctx_set1(inode, this, &ctx);
}
}