rpms / libqb

Clone
Source Code
GIT

Blame SOURCES/bz1063415-corosync-crash-fixes.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   76894c01ded27b2227a5998df8a895dd8f3fb589
  2.   SOURCES
  3.   bz1063415-corosync-crash-fixes.patch
Blob History Raw
76894c 
From 6a2ff420e12211785683f3674fee968893144696 Mon Sep 17 00:00:00 2001
76894c 
From: David Vossel <dvossel@redhat.com>
76894c 
Date: Fri, 17 Jan 2014 11:22:24 -0600
76894c 
Subject: [PATCH] High: ipcs: Prevent ipc server use after free.
76894c
76894c 
The ipc server registers the bind socket to
76894c 
the poll loop in order to be alerted to new
76894c 
connection requests. Upon shutdown, the ipc server
76894c 
does not remove this poll entry. This patch fixes
76894c 
this use after free.
76894c 
---
76894c 
 lib/ipc_setup.c | 1 +
76894c 
 1 file changed, 1 insertion(+)
76894c
76894c 
diff --git a/lib/ipc_setup.c b/lib/ipc_setup.c
76894c 
index 3c22e6f..fc3ce5b 100644
76894c 
--- a/lib/ipc_setup.c
76894c 
+++ b/lib/ipc_setup.c
76894c 
@@ -431,6 +431,7 @@ int32_t
76894c 
 qb_ipcs_us_withdraw(struct qb_ipcs_service * s)
76894c 
 {
76894c 
 	qb_util_log(LOG_INFO, "withdrawing server sockets");
76894c 
+	s->poll_fns.dispatch_del(s->server_sock);
76894c 
 	shutdown(s->server_sock, SHUT_RDWR);
76894c 
 	close(s->server_sock);
76894c 
 	return 0;
76894c 
--
76894c 
1.8.4.2
76894c

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation