[Bugs] [Bug 1471870] cthon04 can cause segfault in gNFS/NLM

bugzilla at redhat.com bugzilla at redhat.com
Fri Aug 11 11:49:25 UTC 2017 

https://bugzilla.redhat.com/show_bug.cgi?id=1471870



--- Comment #20 from Worker Ant <bugzilla-bot at gluster.org> ---
COMMIT: https://review.gluster.org/17796 committed in release-3.10 by
Shyamsundar Ranganathan (srangana at redhat.com) 
------
commit bfc241ab7d0fbb2c9202c8f88a2d543cb4605f80
Author: Niels de Vos <ndevos at redhat.com>
Date:   Mon Jul 17 16:45:47 2017 +0200

    nfs/nlm: keep track of the call-state and frame for notifications

    When blocking locks are used, a new frame is allocated that is used to
    send the notification to the client once once the lock becomes
    available. In all other cases, the frame that contains the request from
    the client will be used for the reply.

    Because there was no way to track the different clients with their
    requests (captured in the call-state), the call-state could be free'd
    before the notification was sent to the client. This caused a
    use-after-free of the call-state and could trigger segfaults of the
    Gluster/NFS server or incorrect replies on (un)lock requests.

    By introducing a nlm4_notify_args structure, the call-state and frame
    can be tracked better. This prevents the possibility of segfaulting when
    the call-state is used after being free'd.

    Cherry picked from commit b81997264f079983fa02bd5fa2b3715224942b00:
    > BUG: 1467313
    > Change-Id: I285d2bc552f509e5145653b7a50afcff827cd612
    > Signed-off-by: Niels de Vos <ndevos at redhat.com>
    > Reviewed-on: https://review.gluster.org/17700
    > Smoke: Gluster Build System <jenkins at build.gluster.org>
    > CentOS-regression: Gluster Build System <jenkins at build.gluster.org>
    > Reviewed-by: Kaleb KEITHLEY <kkeithle at redhat.com>
    > Reviewed-by: jiffin tony Thottan <jthottan at redhat.com>

    Change-Id: I285d2bc552f509e5145653b7a50afcff827cd612
    BUG: 1471870
    Signed-off-by: Niels de Vos <ndevos at redhat.com>
    Reviewed-on: https://review.gluster.org/17796
    CentOS-regression: Gluster Build System <jenkins at build.gluster.org>
    Reviewed-by: Shyamsundar Ranganathan <srangana at redhat.com>
    Smoke: Gluster Build System <jenkins at build.gluster.org>

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Dt92rIHThj&a=cc_unsubscribe

More information about the Bugs mailing list