diff options
| author | Amar Tumballi <amarts@redhat.com> | 2018-12-19 09:45:42 +0530 |
|---|---|---|
| committer | Amar Tumballi <amarts@redhat.com> | 2018-12-20 06:26:37 +0000 |
| commit | e1f92176a8d372e99386c0f007d6a38c0a54ca5b (patch) | |
| tree | 4a84a104088b4e6d17a2d291230335abcdb23835 /xlators | |
| parent | 8cde14a537f0112400744d518ed196eb8fa232f2 (diff) | |
all: handle USE_AFTER_FREE warnings
* we shouldn't be using 'local' after DHT_STACK_UNWIND() as it frees
the content of local. Add a 'goto out' or similar logic to handle
the situation.
* fix possible overlook of unref(dict), instead of unref(xdata).
* make coverity happy by re-ordering unref in meta-defaults.
* gfid-access: re-order dictionary allocation so we don't have to
do a extra unref.
* other obvious errors reported.
updates: bz#789278
Change-Id: If05961ee946b0c4868df19861d7e4a927a2a2489
Signed-off-by: Amar Tumballi <amarts@redhat.com>
Diffstat (limited to 'xlators')
| -rw-r--r-- | xlators/cluster/dht/src/dht-common.c | 43 | ||||
| -rw-r--r-- | xlators/cluster/dht/src/dht-rebalance.c | 2 | ||||
| -rw-r--r-- | xlators/features/gfid-access/src/gfid-access.c | 16 | ||||
| -rw-r--r-- | xlators/meta/src/meta-defaults.c | 4 |
4 files changed, 52 insertions, 13 deletions
diff --git a/xlators/cluster/dht/src/dht-common.c b/xlators/cluster/dht/src/dht-common.c index 86da0c3f935..d886202ced7 100644 --- a/xlators/cluster/dht/src/dht-common.c +++ b/xlators/cluster/dht/src/dht-common.c @@ -3705,6 +3705,8 @@ unlock: (local->fop == GF_FOP_FSETXATTR)) { DHT_STACK_UNWIND(setxattr, frame, local->op_ret, local->op_errno, NULL); + /* 'local' itself may not be valid after this */ + goto out; } if ((local->fop == GF_FOP_REMOVEXATTR) || (local->fop == GF_FOP_FREMOVEXATTR)) { @@ -3713,6 +3715,7 @@ unlock: } } +out: return 0; } @@ -3759,20 +3762,27 @@ dht_common_mds_xattrop_cbk(call_frame_t *frame, void *cookie, xlator_t *this, if (local->fop == GF_FOP_SETXATTR) { DHT_STACK_UNWIND(setxattr, frame, 0, op_errno, local->xdata); + /* 'local' itself may not be valid after this */ + goto out; } if (local->fop == GF_FOP_FSETXATTR) { DHT_STACK_UNWIND(fsetxattr, frame, 0, op_errno, local->xdata); + /* 'local' itself may not be valid after this */ + goto out; } if (local->fop == GF_FOP_REMOVEXATTR) { DHT_STACK_UNWIND(removexattr, frame, 0, op_errno, NULL); + /* 'local' itself may not be valid after this */ + goto out; } if (local->fop == GF_FOP_FREMOVEXATTR) { DHT_STACK_UNWIND(fremovexattr, frame, 0, op_errno, NULL); } +out: return 0; } @@ -3836,41 +3846,56 @@ dht_setxattr_non_mds_cbk(call_frame_t *frame, void *cookie, xlator_t *this, } else { if (local->fop == GF_FOP_SETXATTR) { DHT_STACK_UNWIND(setxattr, frame, 0, 0, local->xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FSETXATTR) { DHT_STACK_UNWIND(fsetxattr, frame, 0, 0, local->xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_REMOVEXATTR) { DHT_STACK_UNWIND(removexattr, frame, 0, 0, NULL); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FREMOVEXATTR) { DHT_STACK_UNWIND(fremovexattr, frame, 0, 0, NULL); + /* 'local' itself may not be valid after this */ + goto just_return; } } } out: - if (xattrop) - dict_unref(xattrop); if (ret) { if (local->fop == GF_FOP_SETXATTR) { DHT_STACK_UNWIND(setxattr, frame, 0, 0, local->xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FSETXATTR) { DHT_STACK_UNWIND(fsetxattr, frame, 0, 0, local->xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_REMOVEXATTR) { DHT_STACK_UNWIND(removexattr, frame, 0, 0, NULL); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FREMOVEXATTR) { DHT_STACK_UNWIND(fremovexattr, frame, 0, 0, NULL); } } +just_return: + if (xattrop) + dict_unref(xattrop); return 0; } @@ -3934,16 +3959,22 @@ out: if (local->fop == GF_FOP_SETXATTR) { DHT_STACK_UNWIND(setxattr, frame, local->op_ret, local->op_errno, xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FSETXATTR) { DHT_STACK_UNWIND(fsetxattr, frame, local->op_ret, local->op_errno, xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_REMOVEXATTR) { DHT_STACK_UNWIND(removexattr, frame, local->op_ret, local->op_errno, NULL); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FREMOVEXATTR) { @@ -3951,6 +3982,7 @@ out: NULL); } +just_return: return 0; } @@ -4001,16 +4033,22 @@ out: if (local->fop == GF_FOP_SETXATTR) { DHT_STACK_UNWIND(setxattr, frame, local->op_ret, local->op_errno, xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FSETXATTR) { DHT_STACK_UNWIND(fsetxattr, frame, local->op_ret, local->op_errno, xdata); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_REMOVEXATTR) { DHT_STACK_UNWIND(removexattr, frame, local->op_ret, local->op_errno, NULL); + /* 'local' itself may not be valid after this */ + goto just_return; } if (local->fop == GF_FOP_FREMOVEXATTR) { @@ -4018,6 +4056,7 @@ out: NULL); } +just_return: return 0; } diff --git a/xlators/cluster/dht/src/dht-rebalance.c b/xlators/cluster/dht/src/dht-rebalance.c index 187244435d6..46acc77c4b0 100644 --- a/xlators/cluster/dht/src/dht-rebalance.c +++ b/xlators/cluster/dht/src/dht-rebalance.c @@ -875,7 +875,7 @@ out: dict_unref(dict); if (xdata) - dict_unref(dict); + dict_unref(xdata); return ret; } diff --git a/xlators/features/gfid-access/src/gfid-access.c b/xlators/features/gfid-access/src/gfid-access.c index 4a422ee658c..ad7776741d9 100644 --- a/xlators/features/gfid-access/src/gfid-access.c +++ b/xlators/features/gfid-access/src/gfid-access.c @@ -448,14 +448,6 @@ ga_new_entry(call_frame_t *frame, xlator_t *this, loc_t *loc, data_t *data, 0, }; - args = ga_newfile_parse_args(this, data); - if (!args) - goto out; - - ret = gf_uuid_parse(args->gfid, gfid); - if (ret) - goto out; - if (!xdata) { xdata = dict_new(); } else { @@ -467,6 +459,14 @@ ga_new_entry(call_frame_t *frame, xlator_t *this, loc_t *loc, data_t *data, goto out; } + args = ga_newfile_parse_args(this, data); + if (!args) + goto out; + + ret = gf_uuid_parse(args->gfid, gfid); + if (ret) + goto out; + ret = ga_fill_tmp_loc(loc, this, gfid, args->bname, xdata, &tmp_loc); if (ret) goto out; diff --git a/xlators/meta/src/meta-defaults.c b/xlators/meta/src/meta-defaults.c index 12dc5f484b6..ea8f3230b1d 100644 --- a/xlators/meta/src/meta-defaults.c +++ b/xlators/meta/src/meta-defaults.c @@ -145,11 +145,11 @@ meta_default_readv(call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size, return default_readv_failure_cbk(frame, ENOMEM); } + iov.iov_base = iobuf_ptr(iobuf); + /* iobref would have taken a ref */ iobuf_unref(iobuf); - iov.iov_base = iobuf_ptr(iobuf); - copy_offset = min(meta_fd->size, offset); copy_size = min(size, (meta_fd->size - copy_offset)); |