[asterisk-bugs] [Asterisk 0014682]: [patch] Race condition in ast_db_get()
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Mar 17 00:50:53 CDT 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=14682
======================================================================
Reported By: makoto
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 14682
Category: Core/General
Reproducibility: sometimes
Severity: minor
Priority: normal
Status: feedback
Asterisk Version: 1.2.X
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2009-03-16 20:07 CDT
Last Modified: 2009-03-17 00:50 CDT
======================================================================
Summary: [patch] Race condition in ast_db_get()
Description:
ast_db_get() may retrieve a wrong value because the data are copied
to the variable value after dblock is unlocked.
The copy should be done before unlock.
This can be reproduced on our cutomer's environment which is based on
Asterisk 1.2.18. I don't test it on the 1.4.x yet, but I believe that
this can be reproduced also on Asterisk 1.4 or later.
Attached patch will fix the problem.
======================================================================
----------------------------------------------------------------------
(0101840) svnbot (reporter) - 2009-03-17 00:50
http://bugs.digium.com/view.php?id=14682#c101840
----------------------------------------------------------------------
Repository: asterisk
Revision: 182449
U branches/1.4/main/db.c
------------------------------------------------------------------------
r182449 | tilghman | 2009-03-17 00:50:52 -0500 (Tue, 17 Mar 2009) | 7
lines
Fix race in astdb
The underlying db1 implementation does not fully isolate the pages
retrieved
from astdb, so the lock protecting accesses needs to be extended until the
copy from the shared memory structure is done.
(closes issue http://bugs.digium.com/view.php?id=14682)
Reported by: makoto
------------------------------------------------------------------------
http://svn.digium.com/view/asterisk?view=rev&revision=182449
Issue History
Date Modified Username Field Change
======================================================================
2009-03-17 00:50 svnbot Checkin
2009-03-17 00:50 svnbot Note Added: 0101840
======================================================================
More information about the asterisk-bugs
mailing list