[Bugs] [Bug 789278] Issues reported by Coverity static analysis tool
bugzilla at redhat.com
bugzilla at redhat.com
Thu Apr 2 12:27:50 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=789278
--- Comment #557 from Anand Avati <aavati at redhat.com> ---
COMMIT: http://review.gluster.org/10056 committed in master by Venky Shankar
(vshankar at redhat.com)
------
commit 41bc3f7f023de198c695bdb7708afef3910cc761
Author: Michael Adam <obnox at samba.org>
Date: Mon Mar 30 19:48:27 2015 +0200
features/bit-rot: fix CID 1124725 - use after free
Coverity fixes:
CID 1124725
CID 1291742
The problem is that gf_tw_cleanup_timers() frees the handed
in priv->timer_wheel but it can not set the pointer to NULL,
so subsequent checks for priv->timer_wheel show it as not NULL
and allow for access after free.
The proper change might be to change gf_tw_cleanup_timers() to
take a reference to the pointer and set it to NULL after free,
but since it is under contrib/, I did not want to change that
function. Instead this patch uses the function's return code
which was not used previously. (Maybe this should even be done
in a wrapper macro or function?)
Change-Id: I31d80d3df2e4dc7503d62c7819429e1a388fdfdd
BUG: 789278
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-on: http://review.gluster.org/10056
Tested-by: Gluster Build System <jenkins at build.gluster.com>
Reviewed-by: Venky Shankar <vshankar at redhat.com>
Tested-by: Venky Shankar <vshankar at redhat.com>
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Bugs
mailing list