summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVikas Gorur <vikas@gluster.com>2010-01-25 05:59:28 +0000
committerAnand V. Avati <avati@dev.gluster.com>2010-01-25 04:32:27 -0800
commit7b12c4eb7e20251b9b128e905518478df25d2af2 (patch)
tree0d4de0a72e6135456ae864c349bcde3fb970a8e1
parent61dbadb2e775d8f2011157c453100a77024e87bf (diff)
storage/posix: Fix an access-after-free bug in release() and releasedir().
Signed-off-by: Vikas Gorur <vikas@gluster.com> Signed-off-by: Anand V. Avati <avati@dev.gluster.com> BUG: 533 (close() should not block main loop) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=533
-rw-r--r--xlators/storage/posix/src/posix.c32
1 files changed, 15 insertions, 17 deletions
diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
index c9342ac4d69..6b8aa5a9298 100644
--- a/xlators/storage/posix/src/posix.c
+++ b/xlators/storage/posix/src/posix.c
@@ -1125,6 +1125,13 @@ posix_releasedir (xlator_t *this,
priv = this->private;
+ if (!pfd->path) {
+ op_errno = EBADFD;
+ gf_log (this->name, GF_LOG_DEBUG,
+ "pfd->path was NULL. fd=%p pfd=%p",
+ fd, pfd);
+ }
+
pthread_mutex_lock (&priv->janitor_lock);
{
INIT_LIST_HEAD (&pfd->list);
@@ -1133,14 +1140,6 @@ posix_releasedir (xlator_t *this,
}
pthread_mutex_unlock (&priv->janitor_lock);
- if (!pfd->path) {
- op_errno = EBADFD;
- gf_log (this->name, GF_LOG_DEBUG,
- "pfd->path was NULL. fd=%p pfd=%p",
- fd, pfd);
- goto out;
- }
-
op_ret = 0;
out:
@@ -2782,23 +2781,22 @@ posix_release (xlator_t *this,
_fd = pfd->fd;
- pthread_mutex_lock (&priv->janitor_lock);
- {
- INIT_LIST_HEAD (&pfd->list);
- list_add_tail (&pfd->list, &priv->janitor_fds);
- pthread_cond_signal (&priv->janitor_cond);
- }
- pthread_mutex_unlock (&priv->janitor_lock);
-
if (pfd->dir) {
op_ret = -1;
op_errno = EBADF;
gf_log (this->name, GF_LOG_DEBUG,
"pfd->dir is %p (not NULL) for file fd=%p",
pfd->dir, fd);
- goto out;
}
+ pthread_mutex_lock (&priv->janitor_lock);
+ {
+ INIT_LIST_HEAD (&pfd->list);
+ list_add_tail (&pfd->list, &priv->janitor_fds);
+ pthread_cond_signal (&priv->janitor_cond);
+ }
+ pthread_mutex_unlock (&priv->janitor_lock);
+
LOCK (&priv->lock);
{
priv->stats.nr_files--;