akonadi-server/fix-read-after-free-collectionstatistics.diff

66 lines
2.4 KiB
Diff

From: Daniel Vrátil <dvratil@kde.org>
Date: Tue, 21 Jun 2016 09:54:43 +0000
Subject: Fix read-after-free in CollectionStatistics
X-Git-Url: http://quickgit.kde.org/?p=akonadi.git&a=commitdiff&h=6f32336be990362c7f74d17f6225bc7345242f6c
---
Fix read-after-free in CollectionStatistics
CollectionStatistics lives in a separate thread. Returning the Statistics
structure as a reference to other threads than means that the structure
can be deleted in the CollectionStatistics thread while other threads
are still holding a reference. We now return a copy of the Statistics
struct instead, it's just four ints.
Thanks to Andreas Schneider for pointing out the issue.
---
--- a/src/server/handler/status.cpp
+++ b/src/server/handler/status.cpp
@@ -39,7 +39,7 @@
return failureResponse("No status for this folder");
}
- const CollectionStatistics::Statistics &stats = CollectionStatistics::self()->statistics(col);
+ const CollectionStatistics::Statistics stats = CollectionStatistics::self()->statistics(col);
if (stats.count == -1) {
return failureResponse("Failed to query statistics.");
}
--- a/src/server/handlerhelper.cpp
+++ b/src/server/handlerhelper.cpp
@@ -123,7 +123,7 @@
response.setIsVirtual(col.isVirtual());
if (includeStatistics) {
- const CollectionStatistics::Statistics &stats = CollectionStatistics::self()->statistics(col);
+ const CollectionStatistics::Statistics stats = CollectionStatistics::self()->statistics(col);
if (stats.count > -1) {
Protocol::FetchCollectionStatsResponse statsResponse(stats.count,
stats.count - stats.read,
--- a/src/server/storage/collectionstatistics.cpp
+++ b/src/server/storage/collectionstatistics.cpp
@@ -45,7 +45,7 @@
mCache.remove(col.id());
}
-const CollectionStatistics::Statistics &CollectionStatistics::statistics(const Collection &col)
+const CollectionStatistics::Statistics CollectionStatistics::statistics(const Collection &col)
{
QMutexLocker lock(&mCacheLock);
auto it = mCache.find(col.id());
--- a/src/server/storage/collectionstatistics.h
+++ b/src/server/storage/collectionstatistics.h
@@ -53,7 +53,7 @@
static CollectionStatistics *self();
- const Statistics &statistics(const Collection &col);
+ const Statistics statistics(const Collection &col);
void invalidateCollection(const Collection &col);
private: