[jira] [Closed] (IMPALA-13736) Potential Use After Free in ExecutorGroup

Jason Fehr (Jira) Fri, 07 Feb 2025 08:56:30 -0800


     [ 
https://issues.apache.org/jira/browse/IMPALA-13736?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jason Fehr closed IMPALA-13736.
-------------------------------
    Resolution: Fixed

> Potential Use After Free in ExecutorGroup
> -----------------------------------------
>
>                 Key: IMPALA-13736
>                 URL: https://issues.apache.org/jira/browse/IMPALA-13736
>             Project: IMPALA
>          Issue Type: Bug
>            Reporter: Jason Fehr
>            Assignee: Jason Fehr
>            Priority: Critical
>              Labels: backend
>
> The ExecutorGroup class contains a potential use-after-free bug in the 
> RemoveExecutor() function.  Since this function's one parameter is an object 
> reference, the remove function call 
> [here|https://github.com/apache/impala/blob/35c6a0b76d6c41c6b120d0c1eae7023bee518502/be/src/scheduling/executor-group.cc#L154]
>  has the potential to destroy the same object that was passed in.  Then, when 
> that object is referenced 
> [here|https://github.com/apache/impala/blob/35c6a0b76d6c41c6b120d0c1eae7023bee518502/be/src/scheduling/executor-group.cc#L155]
>  and 
> [here|https://github.com/apache/impala/blob/35c6a0b76d6c41c6b120d0c1eae7023bee518502/be/src/scheduling/executor-group.cc#L160-L161],
>  garbage is returned.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (IMPALA-13736) Potential Use After Free in ExecutorGroup

Reply via email to