summaryrefslogtreecommitdiffstats
path: root/xlators
diff options
context:
space:
mode:
authorAmar Tumballi <amarts@redhat.com>2018-12-19 09:45:42 +0530
committerAmar Tumballi <amarts@redhat.com>2018-12-20 06:26:37 +0000
commite1f92176a8d372e99386c0f007d6a38c0a54ca5b (patch)
tree4a84a104088b4e6d17a2d291230335abcdb23835 /xlators
parent8cde14a537f0112400744d518ed196eb8fa232f2 (diff)
all: handle USE_AFTER_FREE warnings
* we shouldn't be using 'local' after DHT_STACK_UNWIND() as it frees the content of local. Add a 'goto out' or similar logic to handle the situation. * fix possible overlook of unref(dict), instead of unref(xdata). * make coverity happy by re-ordering unref in meta-defaults. * gfid-access: re-order dictionary allocation so we don't have to do a extra unref. * other obvious errors reported. updates: bz#789278 Change-Id: If05961ee946b0c4868df19861d7e4a927a2a2489 Signed-off-by: Amar Tumballi <amarts@redhat.com>
Diffstat (limited to 'xlators')
-rw-r--r--xlators/cluster/dht/src/dht-common.c43
-rw-r--r--xlators/cluster/dht/src/dht-rebalance.c2
-rw-r--r--xlators/features/gfid-access/src/gfid-access.c16
-rw-r--r--xlators/meta/src/meta-defaults.c4
4 files changed, 52 insertions, 13 deletions
diff --git a/xlators/cluster/dht/src/dht-common.c b/xlators/cluster/dht/src/dht-common.c
index 86da0c3f935..d886202ced7 100644
--- a/xlators/cluster/dht/src/dht-common.c
+++ b/xlators/cluster/dht/src/dht-common.c
@@ -3705,6 +3705,8 @@ unlock:
(local->fop == GF_FOP_FSETXATTR)) {
DHT_STACK_UNWIND(setxattr, frame, local->op_ret, local->op_errno,
NULL);
+ /* 'local' itself may not be valid after this */
+ goto out;
}
if ((local->fop == GF_FOP_REMOVEXATTR) ||
(local->fop == GF_FOP_FREMOVEXATTR)) {
@@ -3713,6 +3715,7 @@ unlock:
}
}
+out:
return 0;
}
@@ -3759,20 +3762,27 @@ dht_common_mds_xattrop_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
if (local->fop == GF_FOP_SETXATTR) {
DHT_STACK_UNWIND(setxattr, frame, 0, op_errno, local->xdata);
+ /* 'local' itself may not be valid after this */
+ goto out;
}
if (local->fop == GF_FOP_FSETXATTR) {
DHT_STACK_UNWIND(fsetxattr, frame, 0, op_errno, local->xdata);
+ /* 'local' itself may not be valid after this */
+ goto out;
}
if (local->fop == GF_FOP_REMOVEXATTR) {
DHT_STACK_UNWIND(removexattr, frame, 0, op_errno, NULL);
+ /* 'local' itself may not be valid after this */
+ goto out;
}
if (local->fop == GF_FOP_FREMOVEXATTR) {
DHT_STACK_UNWIND(fremovexattr, frame, 0, op_errno, NULL);
}
+out:
return 0;
}
@@ -3836,41 +3846,56 @@ dht_setxattr_non_mds_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
} else {
if (local->fop == GF_FOP_SETXATTR) {
DHT_STACK_UNWIND(setxattr, frame, 0, 0, local->xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FSETXATTR) {
DHT_STACK_UNWIND(fsetxattr, frame, 0, 0, local->xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_REMOVEXATTR) {
DHT_STACK_UNWIND(removexattr, frame, 0, 0, NULL);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FREMOVEXATTR) {
DHT_STACK_UNWIND(fremovexattr, frame, 0, 0, NULL);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
}
}
out:
- if (xattrop)
- dict_unref(xattrop);
if (ret) {
if (local->fop == GF_FOP_SETXATTR) {
DHT_STACK_UNWIND(setxattr, frame, 0, 0, local->xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FSETXATTR) {
DHT_STACK_UNWIND(fsetxattr, frame, 0, 0, local->xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_REMOVEXATTR) {
DHT_STACK_UNWIND(removexattr, frame, 0, 0, NULL);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FREMOVEXATTR) {
DHT_STACK_UNWIND(fremovexattr, frame, 0, 0, NULL);
}
}
+just_return:
+ if (xattrop)
+ dict_unref(xattrop);
return 0;
}
@@ -3934,16 +3959,22 @@ out:
if (local->fop == GF_FOP_SETXATTR) {
DHT_STACK_UNWIND(setxattr, frame, local->op_ret, local->op_errno,
xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FSETXATTR) {
DHT_STACK_UNWIND(fsetxattr, frame, local->op_ret, local->op_errno,
xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_REMOVEXATTR) {
DHT_STACK_UNWIND(removexattr, frame, local->op_ret, local->op_errno,
NULL);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FREMOVEXATTR) {
@@ -3951,6 +3982,7 @@ out:
NULL);
}
+just_return:
return 0;
}
@@ -4001,16 +4033,22 @@ out:
if (local->fop == GF_FOP_SETXATTR) {
DHT_STACK_UNWIND(setxattr, frame, local->op_ret, local->op_errno,
xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FSETXATTR) {
DHT_STACK_UNWIND(fsetxattr, frame, local->op_ret, local->op_errno,
xdata);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_REMOVEXATTR) {
DHT_STACK_UNWIND(removexattr, frame, local->op_ret, local->op_errno,
NULL);
+ /* 'local' itself may not be valid after this */
+ goto just_return;
}
if (local->fop == GF_FOP_FREMOVEXATTR) {
@@ -4018,6 +4056,7 @@ out:
NULL);
}
+just_return:
return 0;
}
diff --git a/xlators/cluster/dht/src/dht-rebalance.c b/xlators/cluster/dht/src/dht-rebalance.c
index 187244435d6..46acc77c4b0 100644
--- a/xlators/cluster/dht/src/dht-rebalance.c
+++ b/xlators/cluster/dht/src/dht-rebalance.c
@@ -875,7 +875,7 @@ out:
dict_unref(dict);
if (xdata)
- dict_unref(dict);
+ dict_unref(xdata);
return ret;
}
diff --git a/xlators/features/gfid-access/src/gfid-access.c b/xlators/features/gfid-access/src/gfid-access.c
index 4a422ee658c..ad7776741d9 100644
--- a/xlators/features/gfid-access/src/gfid-access.c
+++ b/xlators/features/gfid-access/src/gfid-access.c
@@ -448,14 +448,6 @@ ga_new_entry(call_frame_t *frame, xlator_t *this, loc_t *loc, data_t *data,
0,
};
- args = ga_newfile_parse_args(this, data);
- if (!args)
- goto out;
-
- ret = gf_uuid_parse(args->gfid, gfid);
- if (ret)
- goto out;
-
if (!xdata) {
xdata = dict_new();
} else {
@@ -467,6 +459,14 @@ ga_new_entry(call_frame_t *frame, xlator_t *this, loc_t *loc, data_t *data,
goto out;
}
+ args = ga_newfile_parse_args(this, data);
+ if (!args)
+ goto out;
+
+ ret = gf_uuid_parse(args->gfid, gfid);
+ if (ret)
+ goto out;
+
ret = ga_fill_tmp_loc(loc, this, gfid, args->bname, xdata, &tmp_loc);
if (ret)
goto out;
diff --git a/xlators/meta/src/meta-defaults.c b/xlators/meta/src/meta-defaults.c
index 12dc5f484b6..ea8f3230b1d 100644
--- a/xlators/meta/src/meta-defaults.c
+++ b/xlators/meta/src/meta-defaults.c
@@ -145,11 +145,11 @@ meta_default_readv(call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size,
return default_readv_failure_cbk(frame, ENOMEM);
}
+ iov.iov_base = iobuf_ptr(iobuf);
+
/* iobref would have taken a ref */
iobuf_unref(iobuf);
- iov.iov_base = iobuf_ptr(iobuf);
-
copy_offset = min(meta_fd->size, offset);
copy_size = min(size, (meta_fd->size - copy_offset));