cb8e9e
From 7685ba36b1ee34009c4954038373920d269cb2ce Mon Sep 17 00:00:00 2001
cb8e9e
From: Bipin Kunal <bkunal@redhat.com>
cb8e9e
Date: Tue, 12 May 2015 16:36:55 +0530
cb8e9e
Subject: [PATCH 301/304] libgfapi: Gracefully exit when glfd is invalid
cb8e9e
cb8e9e
Backport of http://review.gluster.org/#/c/10759/
cb8e9e
cb8e9e
When glfs_* methods operating on glfd are invoked after calling
cb8e9e
glfs_close(), the program segfaults inside __GLFS_ENTRY_VALIDATE_FD
cb8e9e
trying to dereference glfd->fd->inode which is invalid.
cb8e9e
cb8e9e
Also, returning EBADF seemed more specific than EINVAL.
cb8e9e
cb8e9e
BUG: 1255471
cb8e9e
cb8e9e
Change-Id: I13a92dca52da9a300252b69e026581b3a9e931fd
cb8e9e
Signed-off-by: Prashanth Pai <ppai@redhat.com>
cb8e9e
Reviewed-on: http://review.gluster.org/10759
cb8e9e
Tested-by: Gluster Build System <jenkins@build.gluster.com>
cb8e9e
Reviewed-by: Shyamsundar Ranganathan <srangana@redhat.com>
cb8e9e
Signed-off-by: Bipin Kunal <bkunal@redhat.com>
cb8e9e
Reviewed-on: https://code.engineering.redhat.com/gerrit/56191
cb8e9e
Reviewed-by: Niels de Vos <ndevos@redhat.com>
cb8e9e
Tested-by: Niels de Vos <ndevos@redhat.com>
cb8e9e
---
cb8e9e
 api/src/glfs-internal.h |    4 ++--
cb8e9e
 api/src/glfs.c          |    6 ++++--
cb8e9e
 libglusterfs/src/fd.c   |    2 +-
cb8e9e
 3 files changed, 7 insertions(+), 5 deletions(-)
cb8e9e
cb8e9e
diff --git a/api/src/glfs-internal.h b/api/src/glfs-internal.h
cb8e9e
index 8ff78de..2d8a7dc 100644
cb8e9e
--- a/api/src/glfs-internal.h
cb8e9e
+++ b/api/src/glfs-internal.h
cb8e9e
@@ -217,8 +217,8 @@ do {                                                                \
cb8e9e
 
cb8e9e
 #define __GLFS_ENTRY_VALIDATE_FD(glfd, label)                       \
cb8e9e
 do {                                                                \
cb8e9e
-        if (!glfd) {                                                \
cb8e9e
-                errno = EINVAL;                                     \
cb8e9e
+        if (!glfd || !glfd->fd || !glfd->fd->inode) {               \
cb8e9e
+                errno = EBADF;                                      \
cb8e9e
                 goto label;                                         \
cb8e9e
         }                                                           \
cb8e9e
         old_THIS = THIS;                                            \
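Review bot: The added `!glfd->fd || !glfd->fd->inode` test still dereferences a glfd the caller has already closed, so it only helps if glfs_fd_destroy leaves the glfd allocation itself intact; if the tail of glfs_fd_destroy (outside the glfs.c hunk) frees glfd, this read is a use-after-free that merely stops segfaulting in the common case, and the same applies to reading `fd->inode` once fd_destroy has called mem_put(fd). That limitation should be stated at the macro, e.g. `/* Best-effort guard against use after glfs_close(); calling with a freed glfd is still undefined behaviour. */`. The switch from EINVAL to EBADF is visible to every glfs_* caller that passes through this macro and presumably deserves a mention wherever the public API documents those functions' errno values.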
cb8e9e
diff --git a/api/src/glfs.c b/api/src/glfs.c
cb8e9e
index 897d3ea..1c7b55a 100644
cb8e9e
--- a/api/src/glfs.c
cb8e9e
+++ b/api/src/glfs.c
cb8e9e
@@ -560,8 +560,10 @@ glfs_fd_destroy (struct glfs_fd *glfd)
cb8e9e
 	}
cb8e9e
 	glfs_unlock (glfd->fs);
cb8e9e
 
cb8e9e
-	if (glfd->fd)
cb8e9e
-		fd_unref (glfd->fd);
cb8e9e
+        if (glfd->fd) {
cb8e9e
+                fd_unref (glfd->fd);
cb8e9e
+                glfd->fd = NULL;
cb8e9e
+        }
cb8e9e
 
cb8e9e
 	GF_FREE (glfd->readdirbuf);
cb8e9e
 
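Review bot: The four new lines use eight-space indentation while the surrounding glfs_fd_destroy body (`\t}`, `\tglfs_unlock (glfd->fs);`, `\tGF_FREE (glfd->readdirbuf);`) is tab-indented, so the function now mixes styles; reindent the new block with tabs to match. The `glfd->fd = NULL` store also happens after the glfs_unlock on the line above, so it is not covered by that lock — presumably acceptable because the glfd is being torn down, but a one-line comment would make the intent explicit: `/* cleared so __GLFS_ENTRY_VALIDATE_FD rejects this glfd if it is used after close */`. glfs_fd_destroy begins and ends outside the hunk.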
cb8e9e
diff --git a/libglusterfs/src/fd.c b/libglusterfs/src/fd.c
cb8e9e
index 85334bb..9beb79c 100644
cb8e9e
--- a/libglusterfs/src/fd.c
cb8e9e
+++ b/libglusterfs/src/fd.c
cb8e9e
@@ -538,7 +538,7 @@ fd_destroy (fd_t *fd)
cb8e9e
         }
cb8e9e
         UNLOCK (&fd->inode->lock);
cb8e9e
         inode_unref (fd->inode);
cb8e9e
-        fd->inode = (inode_t *)0xaaaaaaaa;
cb8e9e
+        fd->inode = NULL;
cb8e9e
         fd_lk_ctx_unref (fd->lk_ctx);
cb8e9e
         mem_put (fd);
cb8e9e
 out:
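Review bot: Replacing the 0xaaaaaaaa poison with NULL trades a deterministic crash on use-after-destroy for a pointer that looks benign, and the assignment is immediately followed by mem_put(fd), so nothing reading `fd->inode` afterwards can rely on seeing NULL — the allocation may already be reused. If the intent is to let the EBADF check in __GLFS_ENTRY_VALIDATE_FD detect the closed-glfd case, say so at the assignment, e.g. `/* NULL rather than a poison value: __GLFS_ENTRY_VALIDATE_FD tests fd->inode; not reliable once mem_put() has run */`. fd_destroy's start is outside the hunk.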
cb8e9e
-- 
cb8e9e
1.7.1
cb8e9e