diff options
author | Junaid <junaid@gluster.com> | 2011-08-22 17:32:08 +0530 |
---|---|---|
committer | Vijay Bellur <vijay@gluster.com> | 2011-08-22 05:20:33 -0700 |
commit | 601f5725a0a2e4855d9a4a952709e5c0cadbd846 (patch) | |
tree | 651a57295d8661390546126ab23af9ebb09730ce | |
parent | d9ead57226faf82f3f1375a29e06d348625ba905 (diff) |
features/marker-quota: Fix invalid reads in readdir_cbk.v3.3.0qa7
Change-Id: Icc1e9dc039f1f2d7ee94c689779a715a69d373fa
BUG: 3389
Reviewed-on: http://review.gluster.com/296
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
-rw-r--r-- | xlators/features/marker/src/marker-quota.c | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/xlators/features/marker/src/marker-quota.c b/xlators/features/marker/src/marker-quota.c index 5cb6dc9ad..fc1f3a71b 100644 --- a/xlators/features/marker/src/marker-quota.c +++ b/xlators/features/marker/src/marker-quota.c @@ -548,7 +548,7 @@ quota_readdir_cbk (call_frame_t *frame, call_frame_t *newframe = NULL; loc_t loc = {0, }; - local = frame->local; + local = quota_local_ref (frame->local); if (op_ret == -1) { gf_log (this->name, GF_LOG_DEBUG, @@ -557,11 +557,11 @@ quota_readdir_cbk (call_frame_t *frame, release_lock_on_dirty_inode (frame, NULL, this, 0, 0); - return 0; + goto end; } else if (op_ret == 0) { get_dirty_inode_size (frame, this); - return 0; + goto end; } local->dentry_child_count = 0; @@ -582,7 +582,8 @@ quota_readdir_cbk (call_frame_t *frame, if (count == 0) { get_dirty_inode_size (frame, this); - return 0; + goto end; + } local->frame = frame; @@ -610,11 +611,22 @@ quota_readdir_cbk (call_frame_t *frame, if (ret < 0) goto out; - newframe = copy_frame (frame); - if (!newframe) { - ret = -1; - goto out; + ret = 0; + + LOCK (&local->lock); + { + if (local->err != -2) { + newframe = copy_frame (frame); + if (!newframe) { + ret = -1; + } + } else + ret = -1; } + UNLOCK (&local->lock); + + if (ret == -1) + goto out; newframe->local = quota_local_ref (local); @@ -642,6 +654,8 @@ quota_readdir_cbk (call_frame_t *frame, loc_wipe (&loc); + newframe = NULL; + out: if (dict) { dict_unref (dict); @@ -665,6 +679,8 @@ quota_readdir_cbk (call_frame_t *frame, if (ret && val != -2) { release_lock_on_dirty_inode (frame, NULL, this, 0, 0); } +end: + quota_local_unref (this, local); return 0; } |