[tarantool-patches] Re: [RFC PATCH 13/23] vinyl: fix potential use-after-free in vy_read_view_merge

• From: Vladimir Davydov <vdavydov.dev@xxxxxxxxx>
• To: tarantool-patches@xxxxxxxxxxxxx
• Date: Tue, 17 Jul 2018 13:16:51 +0300

On Sun, Jul 08, 2018 at 07:48:44PM +0300, Vladimir Davydov wrote:

If is_first_insert flag is set and vy_stmt_type(rv->tuple) equals
IPROTO_DELETE, we free rv->tuple, but then we dereference it via
an on-stack variable to check if we need to turn a REPLACE into an
INSERT or vice versa. Fix this.
---
 src/box/vy_write_iterator.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

This one is trivial. I pushed it to 1.10.

• References:
  • [tarantool-patches] [RFC PATCH 00/23] vinyl: eliminate read on REPLACE/DELETE
    • From: Vladimir Davydov
  • [tarantool-patches] [RFC PATCH 13/23] vinyl: fix potential use-after-free in vy_read_view_merge
    • From: Vladimir Davydov

Other related posts:

• » [tarantool-patches] [RFC PATCH 13/23] vinyl: fix potential use-after-free in vy_read_view_merge- Vladimir Davydov
• » [tarantool-patches] Re: [RFC PATCH 13/23] vinyl: fix potential use-after-free in vy_read_view_merge - Vladimir Davydov

1. Home
2. tarantool-patches
3. Archive
4. 07-2018

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---