This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[patch] Fix for bz22161: ncsd: avoid dangling lock in netgroup cache timeout code
- From: DJ Delorie <dj at redhat dot com>
- To: libc-alpha at sourceware dot org
- Date: Wed, 20 Sep 2017 18:57:10 -0400
- Subject: [patch] Fix for bz22161: ncsd: avoid dangling lock in netgroup cache timeout code
- Authentication-results: sourceware.org; auth=none
- Authentication-results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=dj at redhat dot com
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com ECB35C0587C5
Patch for https://sourceware.org/bugzilla/show_bug.cgi?id=22161
"From the bz: in nscd/netgroupcache.c in addinnetgrX() we call
mempool_alloc(..., 1) which takes a lock on the database. If we
exit via the "bump timeout" clause, the lock is not released."
This patch adds an unlock if mempool_alloc actually took a lock, in
the case where we return early because the timeout hasn't timed out.
Because the dangling lock is a read lock, queries to the database
continue to work. The cache prune thread eventually becomes
deadlocked, and queries stop seeing updates (i.e. they return stale
data forever).
Original patch by Al Heisner via https://bugzilla.redhat.com/show_bug.cgi?id=1277672
2017-09-20 DJ Delorie <dj@redhat.com>
* nscd/netgroupcache.c (addinnetgrX): Release read lock after
bumping timeout values.
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index cd0c3ea..3ca96f8 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -584,6 +584,8 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
dh->timeout = timeout;
dh->ttl = dataset->head.ttl;
++dh->nreloads;
+ if (cacheable)
+ pthread_rwlock_unlock (&db->lock);
return timeout;
}