[Bugs] [Bug 789278] Issues reported by Coverity static analysis tool

[bugzilla at redhat.com]

https://bugzilla.redhat.com/show_bug.cgi?id=789278



--- Comment #557 from Anand Avati <aavati at redhat.com> ---
COMMIT: http://review.gluster.org/10056 committed in master by Venky Shankar
(vshankar at redhat.com) 
------
commit 41bc3f7f023de198c695bdb7708afef3910cc761
Author: Michael Adam <obnox at samba.org>
Date:   Mon Mar 30 19:48:27 2015 +0200

    features/bit-rot: fix CID 1124725 - use after free

    Coverity fixes:
    CID 1124725
    CID 1291742

    The problem is that gf_tw_cleanup_timers() frees the handed
    in priv->timer_wheel but it can not set the pointer to NULL,
    so subsequent checks for priv->timer_wheel show it as not NULL
    and allow for access after free.

    The proper change might be to change gf_tw_cleanup_timers() to
    take a reference to the pointer and set it to NULL after free,
    but since it is under contrib/, I did not want to change that
    function. Instead this patch uses the function's return code
    which was not used previously. (Maybe this should even be done
    in a wrapper macro or function?)

    Change-Id: I31d80d3df2e4dc7503d62c7819429e1a388fdfdd
    BUG: 789278
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-on: http://review.gluster.org/10056
    Tested-by: Gluster Build System <jenkins at build.gluster.com>
    Reviewed-by: Venky Shankar <vshankar at redhat.com>
    Tested-by: Venky Shankar <vshankar at redhat.com>

-- 
You are receiving this mail because:
You are the assignee for the bug.