From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp63.i.mail.ru (smtp63.i.mail.ru [217.69.128.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 5CBEC41D0B7 for ; Thu, 31 Oct 2019 10:35:36 +0300 (MSK) Date: Thu, 31 Oct 2019 10:35:35 +0300 From: Kirill Yukhin Message-ID: <20191031073535.zlsx5bxpkeef2zx4@tarantool.org> References: <8c4b56ae46535fd048cae9b0081ccd47eaf8ab4f.1572479749.git.v.shpilevoy@tarantool.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <8c4b56ae46535fd048cae9b0081ccd47eaf8ab4f.1572479749.git.v.shpilevoy@tarantool.org> Subject: Re: [Tarantool-patches] [PATCH 1/1] access: fix use-after-free of struct credentials List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Vladislav Shpilevoy Cc: tarantool-patches@dev.tarantool.org Hello, On 31 окт 00:57, Vladislav Shpilevoy wrote: > Func_delete() called credentials_destroy() after > func->vtab->destroy(). But appeared, that vtab->destroy() is > actually delete, and it frees the func object. Now the func's > owner credentials are destroyed before the function is freed. > > Closes #4597 > Follow up #2763 > --- > Branch: https://github.com/tarantool/tarantool/tree/gerold103/gh-4597-credentials-follow-up > Issue: https://github.com/tarantool/tarantool/issues/4597 I've checked your patch into 1.10, 2.1, 2.2 and master. -- Regards, Kirill Yukhin