[dm-devel] [PATCH 01/23] multipathd: uxlsnr: avoid deadlock on exit
Martin Wilck
mwilck at suse.com
Sat Sep 26 13:00:58 UTC 2020
On Fri, 2020-09-25 at 20:52 -0500, Benjamin Marzinski wrote:
>
> O.k. I'm getting way into the theoretical weeds here, but I believe
> that
> realloc() is technically allowed to return NULL when it shrinks
> allocated memory. In this case num_clients would be too big. Later
> in
> this function, when we loop through num_clients
>
> for (i = 2; i < num_clients + 2; i++) {
> if (polls[i].revents & POLLIN) {
>
> We could look at an unused polls entry, since its revents doesn't get
> cleared. It's also possible that the fd of this unused entry matches
> the
> fd of an existing client. Then we could try to get a packet from a
> client that isn't sending one, and kill that client. Yeah, this will
> almost certainly never happen. But we could just zero out the
> revents
> field, or loop over the actual number of structures we polled, and
> then
> it can't happen.
I'll fix this up in this patch, and add another patch to sanitize this.
calling realloc() when the number of fds shrinks really isn't buying us
much.
Martin
More information about the dm-devel
mailing list