packages/glusterfs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
glusterfs/0001-fuse-Resolve-asan-bug-in-during-receive-event-notifi.patch
wguanghao b3f331d476 upgrade version to 11.1
2024-01-31 10:13:39 +08:00

66 lines
2.2 KiB
Diff
Raw Permalink Blame History

From 5f26bfb979af9051e07f35a01d749ba4977f4b1e Mon Sep 17 00:00:00 2001
From: mohit84 <moagrawa@redhat.com>
Date: Thu, 2 Mar 2023 02:58:57 +0530
Subject: [PATCH] fuse: Resolve asan bug in during receive event notification
(#4019)
The fuse xlator notify function tries to assign data object
to graph object without checking an event. In case of upcall
event data object represents upcall object so during access
of graph object the process is crashed for asan build.
Solution: Access the graph->id only while event is associated
specific to fuse xlator
Fixes: #3954
Change-Id: I6b2869256b26d22163879737dcf163510d1cd8bf
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
---
xlators/mount/fuse/src/fuse-bridge.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c
index bd61421263..2dc9b4f429 100644
--- a/xlators/mount/fuse/src/fuse-bridge.c
+++ b/xlators/mount/fuse/src/fuse-bridge.c
@@ -6502,6 +6502,7 @@ notify(xlator_t *this, int32_t event, void *data, ...)
int32_t ret = 0;
fuse_private_t *private = NULL;
gf_boolean_t start_thread = _gf_false;
+ gf_boolean_t event_graph = _gf_true;
glusterfs_graph_t *graph = NULL;
struct pollfd pfd = {0};
@@ -6509,9 +6510,6 @@ notify(xlator_t *this, int32_t event, void *data, ...)
graph = data;
- gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event,
- ((graph) ? graph->id : 0));
-
switch (event) {
case GF_EVENT_GRAPH_NEW:
break;
@@ -6597,9 +6595,18 @@ notify(xlator_t *this, int32_t event, void *data, ...)
}
default:
+ /* Set the event_graph to false so that event
+ debug msg would not try to access invalid graph->id
+ while data object is not matched to graph object
+ for ex in case of upcall event data object represents
+ gf_upcall object
+ */
+ event_graph = _gf_false;
break;
}
+ gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event,
+ ((graph && event_graph) ? graph->id : -1));
return ret;
}
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink