From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounces@dev.tarantool.org>
Received: from [87.239.111.99] (localhost [127.0.0.1])
	by dev.tarantool.org (Postfix) with ESMTP id A5E5F6EC5E;
	Mon, 30 Aug 2021 13:34:52 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org A5E5F6EC5E
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev;
	t=1630319692; bh=Nm70XOa4ypGHik2Cf7t8QkzBncGzb6hS//DhfKWbeNI=;
	h=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=FeodtGtvMZXNx2IvoayuTU35gTozk2abW94IQypCbVirYdedCvJ+/riB9PPjzBHbO
	 sm4UPEfBuXoCTrD+yRRKZohtdpit8i+kEiToes0o2H6VSb+46DSb/dFyhAi76wcdWT
	 670rGyP/0YdpXbsYww88HArdUkbfqo5F0LPjdQdI=
Received: from smtp29.i.mail.ru (smtp29.i.mail.ru [94.100.177.89])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by dev.tarantool.org (Postfix) with ESMTPS id CDE386EC5E
 for <tarantool-patches@dev.tarantool.org>;
 Mon, 30 Aug 2021 13:33:52 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org CDE386EC5E
Received: by smtp29.i.mail.ru with esmtpa (envelope-from
 <sergepetrenko@tarantool.org>)
 id 1mKebw-00057R-1R; Mon, 30 Aug 2021 13:33:52 +0300
To: v.shpilevoy@tarantool.org,
	gorcunov@gmail.com
Date: Mon, 30 Aug 2021 13:33:48 +0300
Message-Id: <8f2f052fe5c362de28a8e6b472c7608902be60a2.1630319507.git.sergepetrenko@tarantool.org>
X-Mailer: git-send-email 2.30.1 (Apple Git-130)
In-Reply-To: <cover.1630319507.git.sergepetrenko@tarantool.org>
References: <cover.1630319507.git.sergepetrenko@tarantool.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-4EC0790: 10
X-7564579A: B8F34718100C35BD
X-77F55803: 4F1203BC0FB41BD92087353F0EC44DD9ECFD080E047A606F6525B29142351271182A05F538085040F3B4432D225F85496F9B47DED86A0ACD9E780AA2B65932CED7A747C06BCA231B
X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE7B356E3E4D202B32AEA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F79006379428F6EA0D091379EA1F7E6F0F101C6723150C8DA25C47586E58E00D9D99D84E1BDDB23E98D2D38BBCA57AF85F7723F2E85B5341B9B2D5E02927E80555C3D3A7CC7F00164DA146DAFE8445B8C89999728AA50765F79006371FEB031537767747389733CBF5DBD5E9C8A9BA7A39EFB766F5D81C698A659EA7CC7F00164DA146DA9985D098DBDEAEC84B1E592663965C8BF6B57BC7E6449061A352F6E88A58FB86F5D81C698A659EA7E827F84554CEF5019E625A9149C048EE9ECD01F8117BC8BEE2021AF6380DFAD18AA50765F790063735872C767BF85DA227C277FBC8AE2E8BB9CEE4F2B4A90F8475ECD9A6C639B01B4E70A05D1297E1BBCB5012B2E24CD356
X-C1DE0DAB: C20DE7B7AB408E4181F030C43753B8186998911F362727C414F749A5E30D975C4DDEBE0CC47FE2698CD70AB1915A0DF2C4B25BC5FEF298029C2B6934AE262D3EE7EAB7254005DCED7532B743992DF240BDC6A1CF3F042BAD6DF99611D93F60EFCDE59DDCCE53AF2B699F904B3F4130E343918A1A30D5E7FCCB5012B2E24CD356
X-C8649E89: 4E36BF7865823D7055A7F0CF078B5EC49A30900B95165D34AF61ACC197BF517A6108C65954C9C7D524DDFEA98EE33F244B28DAB8E0923A99CA00F5D1C41097071D7E09C32AA3244C812292C04F07D87863859151CD0ED7EBA95CA90A1D8AC565927AC6DF5659F194
X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojbL9S8ysBdXgXAi3N5ptsW/qTz+U9wmTW
X-Mailru-Sender: 3B9A0136629DC9125D61937A2360A446CFA7D17BA238F1280B621500EB3947A70CB6A027ED3B51D1424AE0EB1F3D1D21E2978F233C3FAE6EE63DB1732555E4A8EE80603BA4A5B0BC112434F685709FCF0DA7A0AF5A3A8387
X-Mras: Ok
Subject: [Tarantool-patches] [PATCH 2/2] box: fix uninitialized access to
 version_id in process_subscribe()
X-BeenThere: tarantool-patches@dev.tarantool.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Tarantool development patches <tarantool-patches.dev.tarantool.org>
List-Unsubscribe: <https://lists.tarantool.org/mailman/options/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=unsubscribe>
List-Archive: <https://lists.tarantool.org/pipermail/tarantool-patches/>
List-Post: <mailto:tarantool-patches@dev.tarantool.org>
List-Help: <mailto:tarantool-patches-request@dev.tarantool.org?subject=help>
List-Subscribe: <https://lists.tarantool.org/mailman/listinfo/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=subscribe>
From: Serge Petrenko via Tarantool-patches
 <tarantool-patches@dev.tarantool.org>
Reply-To: Serge Petrenko <sergepetrenko@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org
Errors-To: tarantool-patches-bounces@dev.tarantool.org
Sender: "Tarantool-patches" <tarantool-patches-bounces@dev.tarantool.org>

version_id might be left uninitialized if replica doesn't send it in a
SUBSCRIBE request.

This could lead to unpredictable behaviour: for example, master would
randomly choose between sending and not sending Raft state to the
replica.

We were safe until now, because replicas send their version in subscribe
request since at least version 1.7.5.

Try not to depend on replica sending us its version, better always be
safe.

Follow-up #6034
---
 src/box/box.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/box/box.cc b/src/box/box.cc
index 2c8113cbb..f98437d05 100644
--- a/src/box/box.cc
+++ b/src/box/box.cc
@@ -2850,8 +2850,8 @@ box_process_subscribe(struct ev_io *io, struct xrow_header *header)
 	struct tt_uuid replica_uuid = uuid_nil;
 	struct tt_uuid peer_replicaset_uuid = uuid_nil;
 	struct vclock replica_clock;
-	uint32_t replica_version_id;
 	vclock_create(&replica_clock);
+	uint32_t replica_version_id = 0;
 	bool anon;
 	uint32_t id_filter;
 	xrow_decode_subscribe_xc(header, &peer_replicaset_uuid, &replica_uuid,
-- 
2.30.1 (Apple Git-130)