Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

socket: fix user-after-free on name resolution error #3471

Merged
merged 1 commit into from
Apr 28, 2022
Merged

socket: fix user-after-free on name resolution error #3471

merged 1 commit into from
Apr 28, 2022

Conversation

xhernandez
Copy link
Contributor

When a connection attempt fails, a new thread is created to clean it up
due to some potential deadlocks. However this new thread was executed
without a reference on the rpc transport when name resolution failed,
making it use stale pointer in some cases and causing a crash.

The fix makes sure that the thread always has a valid reference.

Fixes: #3470
Change-Id: Iebff6cd95602a6cfc3f81a0c6781f20fd1a76638
Signed-off-by: Xavi Hernandez xhernandez@redhat.com

@xhernandez
socket: fix user-after-free on name resolution error
743af98 
When a connection attempt fails, a new thread is created to clean it up
due to some potential deadlocks. However this new thread was executed
without a reference on the rpc transport when name resolution failed,
making it use stale pointer in some cases and causing a crash.

The fix makes sure that the thread always has a valid reference.

Fixes: gluster#3470
Change-Id: Iebff6cd95602a6cfc3f81a0c6781f20fd1a76638
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
@xhernandez
Copy link
Contributor Author

/run regression

@gluster-ant
Copy link
Collaborator

CLANG-FORMAT FAILURE:
Before merging the patch, this diff needs to be considered for passing clang-format

index dd9cf25e5..2435d0e07 100644
--- a/rpc/rpc-transport/socket/src/socket.c
+++ b/rpc/rpc-transport/socket/src/socket.c
@@ -56,7 +56,8 @@
 #if !defined(DEFAULT_VERIFY_DEPTH)
 #define DEFAULT_VERIFY_DEPTH 1
 #endif
-#define DEFAULT_CIPHER_LIST "AES128:EECDH:EDH:HIGH:!3DES:!RC4:!DES:!MD5:!aNULL:!eNULL"
+#define DEFAULT_CIPHER_LIST                                                    \
+    "AES128:EECDH:EDH:HIGH:!3DES:!RC4:!DES:!MD5:!aNULL:!eNULL"
 #define DEFAULT_DH_PARAM SSL_CERT_PATH "/dhparam.pem"
 #define DEFAULT_EC_CURVE "prime256v1"

@mohit84 mohit84 merged commit 0a22c47 into gluster:devel Apr 28, 2022
@xhernandez xhernandez deleted the issue-3470 branch April 28, 2022 15:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mohit84 mohit84 mohit84 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Spurious crash when "peer probing" a non existing host name
3 participants
@xhernandez @gluster-ant @mohit84