Rob Wu created DRILL-7047:
-----------------------------

             Summary: Drill C++ Client crash due to dangling stack pointer to 
sasl_callback_t array passed to sasl_client_new
                 Key: DRILL-7047
                 URL: https://issues.apache.org/jira/browse/DRILL-7047
             Project: Apache Drill
          Issue Type: Bug
          Components: Client - C++
    Affects Versions: 1.14.0
            Reporter: Rob Wu
            Assignee: Debraj Ray
             Fix For: 1.16.0


`sasl_client_new()` does not copy the `sasl_callback_t` array it is given; it 
only stores the pointer. The Drill client passed an array that was a local 
variable of the calling function, so once that function returned the SASL 
connection held a pointer into dead stack memory. Any later callback lookup by 
libsasl (here `_sasl_canon_user` during the GSSAPI step) reads whatever now 
occupies that stack region and calls through it — frame #0 of the trace below 
(`0x00000080 in ?? ()`) is a jump through such a garbage function pointer. 
This is a use-after-scope / dangling-pointer bug, so depending on what has 
overwritten the stack the outcome ranges from a crash to calling an 
attacker-influenced address; it should be treated as memory unsafety, not just 
a crash. 

 

[~debraj92] will be supplying a patch to resolve this issue. The patch moves 
the callbacks array into the member variable m_callbacks of the SASL 
authenticator implementation, so the array has the same lifetime as that 
instance and the pointer held by libsasl stays valid for as long as the 
`sasl_conn_t` exists. Two points reviewers should confirm on the patch: the 
`sasl_conn_t` must be disposed (sasl_dispose) before m_callbacks is destroyed, 
so the ordering of member/destructor teardown matters; and the array must keep 
its `SASL_CB_LIST_END` terminator, since libsasl walks it by sentinel.

 

Crash backtrace (gdb), taken on a 32-bit build of libdrillClient.so during the GSSAPI SASL exchange:
{code:java}
#0 0x00000080 in ?? ()
#1 0xb38c04bc in _sasl_canon_user ()
from libdrillClient.so
#2 0xb38c0611 in _sasl_canon_user_lookup ()
from libdrillClient.so
#3 0xb2c0824e in gssapi_client_mech_step () from /usr/lib/sasl2/libgssapiv2.so
#4 0xb38ad244 in sasl_client_step ()
from libdrillClient.so
#5 0xb37fddde in Drill::SaslAuthenticatorImpl::step(exec::shared::SaslMessage 
const&, exec::shared::SaslMessage&) const ()
from libdrillClient.so
#6 0xb37bdf16 in 
Drill::DrillClientImpl::processSaslChallenge(Drill::AllocatedBuffer*, 
Drill::rpc::InBoundRpcMessage const&) ()
from libdrillClient.so
#7 0xb37bfa17 in Drill::DrillClientImpl::handleRead(unsigned char*, 
boost_sb::system::error_code const&, unsigned int) ()
from libdrillClient.so
#8 0xb37c0955 in 
boost_sb::detail::function::void_function_obj_invoker2<boost_sb::_bi::bind_t<void,
 boost_sb::_mfi::mf3<void, Drill::DrillClientImpl, unsigned char*, 
boost_sb::system::error_code const&, unsigned int>, 
boost_sb::_bi::list4<boost_sb::_bi::value<Drill::DrillClientImpl*>, 
boost_sb::_bi::value<unsigned char*>, boost_sb::arg<1> (*)(), boost_sb::arg<2> 
(*)()> >, void, boost_sb::system::error_code const&, unsigned 
int>::invoke(boost_sb::detail::function::function_buffer&, 
boost_sb::system::error_code const&, unsigned int) ()
from libdrillClient.so
#9 0xb378f17d in boost_sb::function2<void, boost_sb::system::error_code const&, 
unsigned int>::operator()(boost_sb::system::error_code const&, unsigned int) 
const
() from libdrillClient.so
#10 0xb3799bc8 in boost_sb::asio::detail::read_op<Drill::Socket, 
boost_sb::asio::mutable_buffers_1, boost_sb::asio::mutable_buffer const*, 
boost_sb::asio::detail::transfer_all_t, boost_sb::function<void 
(boost_sb::system::error_code const&, unsigned int)> 
>::operator()(boost_sb::system::error_code const&, unsigned int, int) ()
from libdrillClient.so
#11 0xb379a1c3 in 
boost_sb::asio::detail::reactive_socket_recv_op<boost_sb::asio::mutable_buffers_1,
 boost_sb::asio::detail::read_op<Drill::Socket, 
boost_sb::asio::mutable_buffers_1, boost_sb::asio::mutable_buffer const*, 
boost_sb::asio::detail::transfer_all_t, boost_sb::function<void 
(boost_sb::system::error_code const&, unsigned int)> > >::do_complete(void*, 
boost_sb::asio::detail::scheduler_operation*, boost_sb::system::error_code 
const&, unsigned int) ()
from libdrillClient.so
#12 0xb3788fb8 in 
boost_sb::asio::detail::epoll_reactor::descriptor_state::do_complete(void*, 
boost_sb::asio::detail::scheduler_operation*, boost_sb::system::error_code 
const&, unsigned int) ()
from libdrillClient.so
#13 0xb3791948 in boost_sb::asio::io_context::run() ()
from libdrillClient.so
#14 0xb37c0e67 in boost_sb::detail::thread_data<boost_sb::_bi::bind_t<unsigned 
int, boost_sb::_mfi::mf0<unsigned int, boost_sb::asio::io_context>, 
boost_sb::_bi::list1<boost_sb::_bi::value<boost_sb::asio::io_context*> > > 
>::run() ()
from libdrillClient.so
#15 0xb3825f5a in thread_proxy ()
from libdrillClient.so
#16 0xb6730b3c in start_thread () from /lib/libpthread.so.0
#17 0xb64db44e in clone () from /lib/libc.so.6
{code}



