[ ssic-linux-Bugs-2719607 ] memory leak in ipcname_gettotal() path
|
View:
New views
1 Messages
—
Rating Filter:
Alert me
|
 |
[ ssic-linux-Bugs-2719607 ] memory leak in ipcname_gettotal() path
by SourceForge.net
::
Rate this Message:
Bugs item #2719607, was opened at 2009-03-28 16:47
Message generated for change (Comment added) made by rogertsang You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=405834&aid=2719607&group_id=32541 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: IPC Group: default Status: Open >Resolution: Fixed Priority: 5 Private: No Submitted By: Roger Tsang (rogertsang) Assigned to: John Hughes (hughesj) Summary: memory leak in ipcname_gettotal() path Initial Comment: https://sourceforge.net/mailarchive/forum.php?thread_name=49C8C9D9.6000204%40Calva.COM&forum_name=ssic-linux-devel ---------------------------------------------------------------------- >Comment By: Roger Tsang (rogertsang) Date: 2009-10-26 23:49 Message: checked-in ---------------------------------------------------------------------- Comment By: Roger Tsang (rogertsang) Date: 2009-04-28 09:56 Message: node_id_pairs is a vector ---------------------------------------------------------------------- Comment By: Roger Tsang (rogertsang) Date: 2009-04-28 09:54 Message: There is also a memory corruption bug in this path. When doing RPC the length of the struct node_id_pairs buffer is incorrect. --- linux.orig/cluster/ssi/ipc/namesvr_clnt.c +++ linux/cluster/ssi/ipc/namesvr_clnt.c @@ -188,7 +188,7 @@ again: { clusternode_t server_node; - int status, rval, len = 0; + int rval; extern clms_key_svc_t ipc_key_service; again: server_node = name_server_node; @@ -203,13 +203,12 @@ again: rval = ipcname_gettotal(service, *node_id_pairs, sz); } else { ssi_procstate_t pstate; + int status, count = *sz; - if (*sz > 0) - len = *sz * sizeof(struct ssi_nodeid_pair); ssi_procstate_get(&pstate); - node_id_pairs, &len, sz); + node_id_pairs, &count, sz); if (status == -EAGAIN || status == -EREMOTE) { /* Server is doing failover,dying, or isn't ready yet.*/ clms_waitfor_key_service(0); Index: linux/cluster/ssi/ipc/namesvr_svr.c =================================================================== @@ -88,34 +88,33 @@ ripc_ipcname_getid(clusternode_t *node, */ void - int *len, int *sz) + ssi_procstate_t *pstate, + struct ssi_nodeid_pair **node_id_pairs, int *count, + int *sz) { ssi_procstate_t save_pstate; - int count = *sz; if (ipcname_failover_flag) { *rval = -EAGAIN; return; } - *len = 0; ssi_procstate_get(&save_pstate); ssi_procstate_set(pstate); - if (count > 0) { - if (*node_id_pairs == NULL) { - *sz = 0; + if (*count > 0) { + if (!*node_id_pairs) { + *count = *sz = 0; goto done; } } *rval = ipcname_gettotal(service, *node_id_pairs, sz); - if (count > 0) { - if (count > *sz) - count = *sz; - *len = count * sizeof(**node_id_pairs); - } + if (!*rval) { + if (*count && *sz < *count) + *count = *sz; + } else + *count = 0; done: ssi_procstate_set(&save_pstate); } ---------------------------------------------------------------------- Comment By: Roger Tsang (rogertsang) Date: 2009-03-28 16:49 Message: fix attached ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=405834&aid=2719607&group_id=32541 ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ ssic-linux-devel mailing list ssic-linux-devel@... https://lists.sourceforge.net/lists/listinfo/ssic-linux-devel |
| Free embeddable forum powered by Nabble | Forum Help |
