From 17784aaa311494e4538c616f02bf95477ae781bc Mon Sep 17 00:00:00 2001 From: N Balachandran Date: Fri, 19 May 2017 15:22:12 +0530 Subject: cluster/dht: Fix crash in dht_selfheal_dir_setattr Use a local variable to store the call cnt used in the for loop for the STACK_WIND so as not to access local which may be freed by STACK_UNWIND after all fops return. Change-Id: I24f49b6dbd29a2b706e388e2f6d5196c0f80afc5 BUG: 1452102 Signed-off-by: N Balachandran Reviewed-on: https://review.gluster.org/17343 Smoke: Gluster Build System NetBSD-regression: NetBSD Build System Reviewed-by: Shyamsundar Ranganathan CentOS-regression: Gluster Build System --- xlators/cluster/dht/src/dht-selfheal.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'xlators/cluster/dht') diff --git a/xlators/cluster/dht/src/dht-selfheal.c b/xlators/cluster/dht/src/dht-selfheal.c index de9d30c047f..1dd5823b0b5 100644 --- a/xlators/cluster/dht/src/dht-selfheal.c +++ b/xlators/cluster/dht/src/dht-selfheal.c @@ -1150,6 +1150,7 @@ dht_selfheal_dir_setattr (call_frame_t *frame, loc_t *loc, struct iatt *stbuf, int i = 0, ret = -1; dht_local_t *local = NULL; xlator_t *this = NULL; + int cnt = 0; local = frame->local; this = frame->this; @@ -1175,7 +1176,8 @@ dht_selfheal_dir_setattr (call_frame_t *frame, loc_t *loc, struct iatt *stbuf, gf_uuid_copy (loc->gfid, local->gfid); local->call_cnt = missing_attr; - for (i = 0; i < layout->cnt; i++) { + cnt = layout->cnt; + for (i = 0; i < cnt; i++) { if (layout->list[i].err == -1) { gf_msg_trace (this->name, 0, "%s: setattr on subvol %s, gfid = %s", @@ -1299,6 +1301,7 @@ dht_selfheal_dir_mkdir_lookup_done (call_frame_t *frame, xlator_t *this) dict_t *dict = NULL; dht_layout_t *layout = NULL; loc_t *loc = NULL; + int cnt = 0; VALIDATE_OR_GOTO (this->private, err); @@ -1331,7 +1334,8 @@ dht_selfheal_dir_mkdir_lookup_done (call_frame_t *frame, xlator_t *this) DHT_MSG_DICT_SET_FAILED, "dict is NULL, need to make sure gfids are same"); - for (i = 0; i < layout->cnt; i++) { + cnt = layout->cnt; + for (i = 0; i < cnt; i++) { if (layout->list[i].err == ESTALE || layout->list[i].err == ENOENT || local->selfheal.force_mkdir) { -- cgit