diff options
| author | Vikas Gorur <vikas@gluster.com> | 2010-03-16 13:32:51 +0000 |
|---|---|---|
| committer | Anand V. Avati <avati@dev.gluster.com> | 2010-03-17 03:19:42 -0700 |
| commit | 9aed760471eba142d8b8b77dc4bb65486e2d4d12 (patch) | |
| tree | 6893c94a84dea571a16f06869b5bf627708284f8 | |
| parent | 45a4f4a263e06eb53c485a5bc2f79322eef8dc3f (diff) | |
cluster/afr: Fix possible NULL dereference in readdirp_cbkv3.0.4rc1
Signed-off-by: Vikas Gorur <vikas@gluster.com>
Signed-off-by: Anand V. Avati <avati@dev.gluster.com>
BUG: 722 (Segfault in glusterfs 3.0.3 replicate/afr_readdirp_cbk)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=722
| -rw-r--r-- | xlators/cluster/afr/src/afr-dir-read.c | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/xlators/cluster/afr/src/afr-dir-read.c b/xlators/cluster/afr/src/afr-dir-read.c index 98cda1e809f..1396e1c0b7e 100644 --- a/xlators/cluster/afr/src/afr-dir-read.c +++ b/xlators/cluster/afr/src/afr-dir-read.c @@ -402,7 +402,7 @@ afr_filter_entries (gf_dirent_t *entries, fd_t *fd) uint64_t ctx; afr_fd_ctx_t *fd_ctx; - off_t offset; + off_t offset = 0; ret = fd_ctx_get (fd, THIS, &ctx); if (ret < 0) { @@ -511,7 +511,7 @@ afr_readdirp_cbk (call_frame_t *frame, void *cookie, xlator_t *this, int child_index = -1; uint64_t ctx; - afr_fd_ctx_t *fd_ctx; + afr_fd_ctx_t *fd_ctx = NULL; off_t offset = 0; @@ -556,20 +556,22 @@ afr_readdirp_cbk (call_frame_t *frame, void *cookie, xlator_t *this, } } - list_for_each_entry_safe (entry, tmp, &entries->list, list) { - inum = afr_itransform (entry->d_ino, priv->child_count, - child_index); - entry->d_ino = inum; - inum = afr_itransform (entry->d_stat.st_ino, - priv->child_count, child_index); - entry->d_stat.st_ino = inum; - - if ((local->fd->inode == local->fd->inode->table->root) - && !strcmp (entry->d_name, GF_REPLICATE_TRASH_DIR)) { - list_del_init (&entry->list); - FREE (entry); - } - } + if (op_ret != -1) { + list_for_each_entry_safe (entry, tmp, &entries->list, list) { + inum = afr_itransform (entry->d_ino, priv->child_count, + child_index); + entry->d_ino = inum; + inum = afr_itransform (entry->d_stat.st_ino, + priv->child_count, child_index); + entry->d_stat.st_ino = inum; + + if ((local->fd->inode == local->fd->inode->table->root) + && !strcmp (entry->d_name, GF_REPLICATE_TRASH_DIR)) { + list_del_init (&entry->list); + FREE (entry); + } + } + } if (priv->strict_readdir) { if (fd_ctx->failed_over) { |