From 202c34e6826fd2cba34ee61fc14312126ede808f Mon Sep 17 00:00:00 2001 From: "Kaleb S. KEITHLEY" Date: Mon, 23 Oct 2017 09:51:44 -0400 Subject: [PATCH] 3.12.2, bz #1504256 --- ...erfsd-Dereferencing-the-null-pointer.patch | 39 +++++++++++++++++++ glusterfs.spec | 7 +++- 2 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 0001-glusterfsd-Dereferencing-the-null-pointer.patch diff --git a/0001-glusterfsd-Dereferencing-the-null-pointer.patch b/0001-glusterfsd-Dereferencing-the-null-pointer.patch new file mode 100644 index 0000000..eabad8a --- /dev/null +++ b/0001-glusterfsd-Dereferencing-the-null-pointer.patch @@ -0,0 +1,39 @@ +From 87bd25b64ae34cce95e87e724acfeab4c13d60a4 Mon Sep 17 00:00:00 2001 +From: Sanju Rakonde +Date: Wed, 18 Oct 2017 08:06:24 +0530 +Subject: [PATCH] glusterfsd: Dereferencing the null pointer + +Problem: When control reaches to out, one of (iobref, iobuf, frame) can +be null.for iobref, iobuf iobref_unref() and iobuf_unref() functions +are called respectively, which are using GF_VALIDATE_OR_GOTO(), so +there won't be null pointer dereference. But for frame without null +checking STACK_DESTROY(frame->root) is called causing null pointer +dereference. + +Fix: adding a line for null checking, the function +STACK_DESTROY(frame->root) is called only when frame is not null. + +Change-Id: I3a6684c11fb7b694b81d6ad4fec3bced5562ad88 +BUG: 1503394 +Signed-off-by: Sanju Rakonde +--- + glusterfsd/src/gf_attach.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/glusterfsd/src/gf_attach.c b/glusterfsd/src/gf_attach.c +index 05119e4f4..3f248292d 100644 +--- a/glusterfsd/src/gf_attach.c ++++ b/glusterfsd/src/gf_attach.c +@@ -144,7 +144,8 @@ out: + + iobref_unref (iobref); + iobuf_unref (iobuf); +- STACK_DESTROY (frame->root); ++ if (frame) ++ STACK_DESTROY (frame->root); + + if (rpc_status != 0) { + fprintf (stderr, "got error %d on RPC\n", rpc_status); +-- +2.13.5 + diff --git a/glusterfs.spec b/glusterfs.spec index 53c36b3..e3e2a59 100644 --- a/glusterfs.spec +++ b/glusterfs.spec @@ -176,7 +176,7 @@ Summary: Distributed File System %if ( 0%{_for_fedora_koji_builds} ) Name: glusterfs Version: 3.12.2 -Release: 1%{?prereltag:.%{prereltag}}%{?dist} +Release: 2%{?prereltag:.%{prereltag}}%{?dist} %else Name: @PACKAGE_NAME@ Version: @PACKAGE_VERSION@ @@ -195,6 +195,7 @@ Source8: glusterfsd.init %else Source0: @PACKAGE_NAME@-@PACKAGE_VERSION@.tar.gz %endif +Patch0: 0001-glusterfsd-Dereferencing-the-null-pointer.patch BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) @@ -661,6 +662,7 @@ This package provides the glusterfs server daemon. %prep %setup -q -n %{name}-%{version}%{?prereltag} +%patch0 -p1 %build %if ( 0%{?rhel} && 0%{?rhel} < 6 ) @@ -1383,6 +1385,9 @@ exit 0 %endif %changelog +* Mon Oct 23 2017 Kaleb S. KEITHLEY - 3.12.2-2 +- 3.12.2, bz #1504256 + * Fri Oct 13 2017 Kaleb S. KEITHLEY - 3.12.2-1 - 3.12.2 GA