Re: Review Request 50163: Fixed a memory lifetime issue in LibeventSSLSocketImp::send.

Mon, 18 Jul 2016 15:02:04 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50163/#review142646
-----------------------------------------------------------


Fix it, then Ship it!





3rdparty/libprocess/src/libevent_ssl_socket.cpp (lines 714 - 715)
<https://reviews.apache.org/r/50163/#comment208270>

    I think it's ok to do a `CHECK` on the result of `evbuffer_add` if you test 
`buffer` for `nullptr` first.
    We should return a failure if the allocation failed though right?



3rdparty/libprocess/src/libevent_ssl_socket.cpp (line 715)
<https://reviews.apache.org/r/50163/#comment208268>

    Let's pull out the side-effect and feed it to the check.



3rdparty/libprocess/src/libevent_ssl_socket.cpp (lines 735 - 736)
<https://reviews.apache.org/r/50163/#comment208272>

    Why `CHECK` vs `Failure`?



3rdparty/libprocess/src/libevent_ssl_socket.cpp (line 736)
<https://reviews.apache.org/r/50163/#comment208271>

    Same issue with pulling side-effects out of `CHECK`s.


- Joris Van Remoortere


On July 18, 2016, 9:40 p.m., Benjamin Mahler wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/50163/
> -----------------------------------------------------------
> 
> (Updated July 18, 2016, 9:40 p.m.)
> 
> 
> Review request for mesos, Joris Van Remoortere and Joseph Wu.
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This function accidentally assumed that 'data' will live beyond the
> scope of the call, by using 'data' within an asynchronous context.
> 
> This copies the data into an 'evbuffer' which will then get moved
> into the output buffer in the event loop. Note that this does not
> introduce an additional copy: we still have a single copy to get
> 'data' into the bufferevent output buffer.
> 
> AFAICT, this bug is currently not triggered from any of the calling
> code because each call-site deletes the 'data' after the Future
> completes (it appears that the 'send_callback' will be executed
> *after* the call to bufferevent_write and after the output buffer
> is flushed).
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/libevent_ssl_socket.cpp 
> 2e7f33241b5291593cac4ea4c8f0351c19f7f0c2 
> 
> Diff: https://reviews.apache.org/r/50163/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Benjamin Mahler
> 
>

Reply via email to