You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Ferenc Gerlits (Jira)" <ji...@apache.org> on 2020/09/14 07:53:00 UTC

[jira] [Resolved] (MINIFICPP-1353) Fix heap-use-after-free errors

     [ https://issues.apache.org/jira/browse/MINIFICPP-1353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ferenc Gerlits resolved MINIFICPP-1353.
---------------------------------------
    Resolution: Fixed

> Fix heap-use-after-free errors
> ------------------------------
>
>                 Key: MINIFICPP-1353
>                 URL: https://issues.apache.org/jira/browse/MINIFICPP-1353
>             Project: Apache NiFi MiNiFi C++
>          Issue Type: Bug
>            Reporter: Ferenc Gerlits
>            Assignee: Ferenc Gerlits
>            Priority: Minor
>              Labels: MiNiFi-CPP-Hygiene
>             Fix For: 0.9.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Address sanitizer finds one heap-use-after-free error when run on the unit tests:
> {noformat}
> ==26761==ERROR: AddressSanitizer: heap-use-after-free on address 0x60600002c4a8 at pc 0x55d957b02e44 bp 0x7f6e736875d0 sp 0x7f6e736875c0
> WRITE of size 1 at 0x60600002c4a8 thread T56
>     #0 0x55d957b02e43 in std::__atomic_base<bool>::store(bool, std::memory_order) /usr/include/c++/8/bits/atomic_base.h:374
>     #1 0x55d957b02e43 in std::__atomic_base<bool>::operator=(bool) /usr/include/c++/8/bits/atomic_base.h:267
>     #2 0x55d957acb3c8 in std::atomic<bool>::operator=(bool) /usr/include/c++/8/atomic:79
>     #3 0x55d9581a02b9 in org::apache::nifi::minifi::utils::HTTPClient::forceClose() /home/fgerlits/src/minifi2/extensions/http-curl/client/HTTPClient.cpp:75
>     #4 0x55d9581a00f1 in org::apache::nifi::minifi::utils::HTTPClient::~HTTPClient() /home/fgerlits/src/minifi2/extensions/http-curl/client/HTTPClient.cpp:64
>     #5 0x55d9581c9f00 in org::apache::nifi::minifi::processors::InvokeHTTP::onTrigger(std::shared_ptr<org::apache::nifi::minifi::core::ProcessContext> const&, std::shared_ptr<org::apache::nifi::minifi::core::ProcessSession> const&) /home/fgerlits/src/minifi2/extensions/http-curl/processors/InvokeHTTP.cpp:286
> [...]
> 0x60600002c4a8 is located 40 bytes inside of 64-byte region [0x60600002c480,0x60600002c4c0)
> freed by thread T56 here:
>     #0 0x7f6e795c8a50 in operator delete(void*) (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xf0a50)
>     #1 0x55d9581970e3 in std::default_delete<org::apache::nifi::minifi::utils::HTTPUploadCallback>::operator()(org::apache::nifi::minifi::utils::HTTPUploadCallback*) const /usr/include/c++/8/bits/unique_ptr.h:81
>     #2 0x55d958195e2a in std::unique_ptr<org::apache::nifi::minifi::utils::HTTPUploadCallback, std::default_delete<org::apache::nifi::minifi::utils::HTTPUploadCallback> >::~unique_ptr() /usr/include/c++/8/bits/unique_ptr.h:277
>     #3 0x55d9581c9ee2 in org::apache::nifi::minifi::processors::InvokeHTTP::onTrigger(std::shared_ptr<org::apache::nifi::minifi::core::ProcessContext> const&, std::shared_ptr<org::apache::nifi::minifi::core::ProcessSession> const&) /home/fgerlits/src/minifi2/extensions/http-curl/processors/InvokeHTTP.cpp:306
> [...]
> previously allocated by thread T56 here:
>     #0 0x7f6e795c7ba0 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xefba0)
>     #1 0x55d9581c86f7 in org::apache::nifi::minifi::processors::InvokeHTTP::onTrigger(std::shared_ptr<org::apache::nifi::minifi::core::ProcessContext> const&, std::shared_ptr<org::apache::nifi::minifi::core::ProcessSession> const&) /home/fgerlits/src/minifi2/extensions/http-curl/processors/InvokeHTTP.cpp:313
> [...]
> {noformat}
> Fix this bug.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)