From cede859c7312ad09bae90f6c0f16a751f830905b Mon Sep 17 00:00:00 2001
From: nik-redhat <nladha@redhat.com>
Date: Thu, 3 Sep 2020 15:42:45 +0530
Subject: glusterd: use after free (coverity issue)

Issue:
dict_unref is called on the same dict again,
in the out label of the code, which causes the
use after free issue.

Fix:
Set the dict to NULL after unref, to avoid
use after free issue.

CID: 1430127

Updates: #1060

Change-Id: Ide9a5cbc5f496705c671e72b0260da6d4c06f16d
Signed-off-by: nik-redhat <nladha@redhat.com>
---
 xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'xlators/mgmt/glusterd/src')

diff --git a/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c b/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c
index d96d5dd2cfc..995268b796d 100644
--- a/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c
+++ b/xlators/mgmt/glusterd/src/glusterd-snapshot-utils.c
@@ -2037,8 +2037,9 @@ glusterd_update_snaps_synctask(void *opaque)
                        "Failed to remove snap %s", snap->snapname);
                 goto out;
             }
-            if (dict)
-                dict_unref(dict);
+
+            dict_unref(dict);
+            dict = NULL;
         }
         snprintf(buf, sizeof(buf), "%s.accept_peer_data", prefix);
         ret = dict_get_int32(peer_data, buf, &val);
-- 
cgit