[Tarantool-patches] [PATCH] relay: fix use after free in subscribe_f
Kirill Yukhin
kyukhin at tarantool.org
Fri May 14 10:44:45 MSK 2021
Hello,
On 12 май 14:39, Serge Petrenko via Tarantool-patches wrote:
> relay_subscribe_f() remembered old recovery pointer, which might be
> replaced by relay_restart_recovery() if a raft message is delivered during
> cbus_process() loop in relay_send_is_raft_enabled().
>
> Fix the issue by moving variable initialization below
> relay_send_is_raft_enabled()
>
> Closes #6031
> ---
> https://github.com/tarantool/tarantool/issues/6031
> https://github.com/tarantool/tarantool/tree/sp/gh-6031-use-after-free
I've checked your patch into 2.8 and master.
--
Regards, Kirill Yukhin
More information about the Tarantool-patches
mailing list