[Bugs] [Bug 1288922] Use after free bug in notify_kernel_loop in fuse-bridge code

bugzilla at redhat.com bugzilla at redhat.com
Wed Feb 3 05:16:08 UTC 2016 

https://bugzilla.redhat.com/show_bug.cgi?id=1288922



--- Comment #8 from Vijay Bellur <vbellur at redhat.com> ---
COMMIT: http://review.gluster.org/13275 committed in release-3.7 by Raghavendra
G (rgowdapp at redhat.com) 
------
commit 4ae9ac6dd48d378984fa3a34a6b63d90bc74e431
Author: Kaleb S KEITHLEY <kkeithle at redhat.com>
Date:   Thu Jan 21 17:03:17 2016 -0500

    fuse: use-after-free fix in fuse-bridge, revisited

    Prompted by the email exchange in gluster-devel between Oleksandr
    Natalenko, xavi, and soumyak, I looked at this because the fuse client
    on the longevity cluster has also been suffering from a serious memory
    leak for some time. (longevity cluster is currently running 3.7.6)

    The longevity cluster manifests the same kernel notifier loop terminated
    log message the Oleksandr sees, and some sample runs suggest that the
    length passed to the (sys_)write call is unexpectedly and abnormally large.

    Basically this fix
     a) uses correct types for len and rv,
     b) copies the len from potentially incorrectly aligned memory (in a
        way that should minimize potential performance issues related to
        accessing unaligned memory.)
     c) changes log level of the kernel notifier loop terminated message
     d) fixes a potential mutex lock/unlock issue

    See
        Change-Id: Icedb3525706f59803878bb37ef6b4ffe4a986880
        BUG: 1288857
        http://review.gluster.org/13274

    Change-Id: I1a2f957a95978468baa33c2b1f3667934d88939c
    BUG: 1288922
    Signed-off-by: Kaleb S KEITHLEY <kkeithle at redhat.com>
    Reviewed-on: http://review.gluster.org/13275
    Smoke: Gluster Build System <jenkins at build.gluster.com>
    NetBSD-regression: NetBSD Build System <jenkins at build.gluster.org>
    CentOS-regression: Gluster Build System <jenkins at build.gluster.com>
    Reviewed-by: Raghavendra G <rgowdapp at redhat.com>

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=VHFpxaVtsA&a=cc_unsubscribe

More information about the Bugs mailing list