From 4c20b5377e4a73a684ba3bb091380fd0f19731ca Mon Sep 17 00:00:00 2001
From: Vikas Gorur
Date: Mon, 25 Jan 2010 05:59:28 +0000
Subject: storage/posix: Fix an access-after-free bug in release() and releasedir().
Signed-off-by: Vikas Gorur
Signed-off-by: Anand V. Avati
BUG: 533 (close() should not block main loop)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=533
---
 xlators/storage/posix/src/posix.c | 32 +++++++++++++++-----------------
 1 file changed, 15 insertions(+), 17 deletions(-)
(limited to 'xlators/storage')
diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
index c9342ac4d69..6b8aa5a9298 100644
--- a/xlators/storage/posix/src/posix.c
+++ b/xlators/storage/posix/src/posix.c
@@ -1125,6 +1125,13 @@ posix_releasedir (xlator_t *this,
 priv = this->private;
+ if (!pfd->path) {
+ op_errno = EBADFD;
+ gf_log (this->name, GF_LOG_DEBUG,
+ "pfd->path was NULL. fd=%p pfd=%p",
+ fd, pfd);
+ }
+
 pthread_mutex_lock (&priv->janitor_lock);
 {
 INIT_LIST_HEAD (&pfd->list);
@@ -1133,14 +1140,6 @@ posix_releasedir (xlator_t *this,
 }
 pthread_mutex_unlock (&priv->janitor_lock);
- if (!pfd->path) {
- op_errno = EBADFD;
- gf_log (this->name, GF_LOG_DEBUG,
- "pfd->path was NULL. fd=%p pfd=%p",
- fd, pfd);
- goto out;
- }
-
 op_ret = 0;
 out:
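Review bot: In posix_releasedir the relocated `if (!pfd->path)` branch still assigns `op_errno = EBADFD`, but without `goto out` control now always reaches `op_ret = 0;` (second hunk), so the branch only logs and the errno assignment looks dead; the `pfd->dir` branch of posix_release in the third hunk loses its `goto out` the same way. If log-only is intended, drop the assignment or mark it, e.g. `/* diagnostic only: the pfd must still be handed to the janitor */`. The reordering itself is what closes the race (presumably the janitor thread may free pfd as soon as `janitor_lock` is dropped), so the unlock deserves `/* pfd belongs to the janitor from here on; do not dereference it */`. The function begins and ends outside these hunks, so how op_errno is used after `out:` is not visible.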
@@ -2782,23 +2781,22 @@ posix_release (xlator_t *this,
 _fd = pfd->fd;
- pthread_mutex_lock (&priv->janitor_lock);
- {
- INIT_LIST_HEAD (&pfd->list);
- list_add_tail (&pfd->list, &priv->janitor_fds);
- pthread_cond_signal (&priv->janitor_cond);
- }
- pthread_mutex_unlock (&priv->janitor_lock);
-
 if (pfd->dir) {
 op_ret = -1;
 op_errno = EBADF;
 gf_log (this->name, GF_LOG_DEBUG,
 "pfd->dir is %p (not NULL) for file fd=%p",
 pfd->dir, fd);
- goto out;
 }
+ pthread_mutex_lock (&priv->janitor_lock);
+ {
+ INIT_LIST_HEAD (&pfd->list);
+ list_add_tail (&pfd->list, &priv->janitor_fds);
+ pthread_cond_signal (&priv->janitor_cond);
+ }
+ pthread_mutex_unlock (&priv->janitor_lock);
+
 LOCK (&priv->lock);
 {
 priv->stats.nr_files--;
-- cgit
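Review bot: Removing `goto out` from the `pfd->dir` branch changes accounting as well as ordering: a pfd that fails this sanity check is still queued on `priv->janitor_fds` (as before) and now also reaches `priv->stats.nr_files--`, which the old jump skipped. Whether the janitor closes such an entry as a file or as a directory is decided outside this hunk, so that path should be checked; if the fall-through is deliberate, say so at the branch: `/* fall through: descriptor is reclaimed and counted even when the ctx looks wrong */`. `_fd = pfd->fd` is correctly copied before the hand-off; posix_release continues past the hunk, and any later read through pfd there would reintroduce the use-after-free.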