OpenAFS Master Repository branch, master, updated. BP-openafs-stable-1_8_x-586-g98b5ffb
Gerrit Code Review
gerrit@openafs.org
Fri, 8 May 2020 12:02:15 -0400
The following commit has been merged in the master branch:
commit 98b5ffb52117aefac5afb47b30ce9b87eb2fdebf
Author: Andrew Deason <adeason@sinenomine.net>
Date: Mon Apr 20 13:03:15 2020 -0500
ubik: Avoid unlinking garbage during recovery
In urecovery_Interact, if any of our operations fail around
calling DISK_GetFile, we will jump to FetchEndCall and eventually
unlink 'pbuffer'. But if we failed before opening our .DB0.TMP file,
the contents of 'pbuffer' will not be initialized yet.
During most iterations of the recovery loop, the contents of 'pbuffer'
will be filled in from previous loops, and it should always stay the
same, so it's not a big problem. But if this is the first iteration of
the loop, the contents of 'pbuffer' may be stack garbage.
Solve this in two ways. To make sure we don't use garbage contents in
'pbuffer', memset the whole thing to zeroes at the beginning of
urecovery_Interact(). And then to make sure we're not reusing
'pbuffer' contents from previous iterations of the loop, also clear
the first character to NUL each time we arrive at this area of the
recovery code. And avoid unlinking anything if pbuffer starts with a
NUL.
Commit 44e80643 (ubik: Avoid unlinking garbage) fixes the same issue,
but only fixed it in the SDISK_SendFile codepath in remote.c.
Change-Id: Ica39e66efa89562068a4be3a14b2d13594b77f6d
Reviewed-on: https://gerrit.openafs.org/14153
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
src/ubik/recovery.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
--
OpenAFS Master Repository