8000 [3.8] Fixed a potential use-after-free on Windows. (#15265) · rnshah9/arangodb@1feed6f · GitHub
[go: up one dir, main page]
Skip to content

Commit 1feed6f

Browse files
mpoeterjsteemannKVS85
authored
[3.8] Fixed a potential use-after-free on Windows. (arangodb#15265)
* Fixed a potential use-after-free on Windows. * fix compile error * Update arangod/Graph/WeightedEnumerator.cpp * Update CHANGELOG Co-authored-by: jsteemann <jsteemann@users.noreply.github.com> Co-authored-by: Vadim <vadim@arangodb.com>
1 parent 7963235 commit 1feed6f

11 files changed

+43
-13
lines changed

CHANGELOG

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
11
v3.8.5 (XXXX-XX-XX)
22
-------------------
33

4+
* Fix GitHub issue #15084. Fixed a potential use-after-free on Windows for
5+
queries that used the NeighborsEnumerator (though other PathEnumerators might
6+
have been affected as well).
7+
48
* BTS-624: The `move-calculations-up` optimization rule is now also applied to
59
subqueries, when they don't have dependencies on the outer nodes, don't have
610
modification nodes and don't read their own writes. This fixed the execution

arangod/Cluster/ClusterTraverser.cpp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,7 @@ void ClusterTraverser::clear() {
9090
#ifdef ARANGODB_ENABLE_MAINTAINER_MODE
9191
TRI_ASSERT(!_vertexGetter->pointsIntoTraverserCache());
9292
#endif
93+
_enumerator->clear();
9394
traverserCache()->clear();
9495
}
9596

arangod/Graph/BreadthFirstEnumerator.cpp

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -55,17 +55,21 @@ BreadthFirstEnumerator::~BreadthFirstEnumerator() {
5555
_opts->resourceMonitor().decreaseMemoryUsage(_schreier.capacity() * pathStepSize());
5656
}
5757

58-
void BreadthFirstEnumerator::setStartVertex(arangodb::velocypack::StringRef startVertex) {
59-
PathEnumerator::setStartVertex(startVertex);
60-
58+
void BreadthFirstEnumerator::clear() {
6159
_schreier.clear();
6260
_schreierIndex = 0;
6361
_lastReturned = 0;
6462
_nextDepth.clear();
6563
_toSearch.clear();
6664
_currentDepth = 0;
6765
_toSearchPos = 0;
66+
}
6867

68+
void BreadthFirstEnumerator::setStartVertex(arangodb::velocypack::StringRef startVertex) {
69+
PathEnumerator::setStartVertex(startVertex);
70+
71+
clear();
72+
6973
growStorage();
7074
_schreier.emplace_back(startVertex);
7175
_toSearch.emplace_back(NextStep(0));

arangod/Graph/BreadthFirstEnumerator.h

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,9 @@ class BreadthFirstEnumerator final : public arangodb::traverser::PathEnumerator
105105
arangodb::traverser::TraverserOptions* opts);
106106

107107
~BreadthFirstEnumerator();
108-
108+
109+
void clear() final;
110+
109111
void setStartVertex(arangodb::velocypack::StringRef startVertex) override;
110112

111113
/// @brief Get the next Path element from the traversal.

arangod/Graph/NeighborsEnumerator.cpp

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -43,15 +43,19 @@ NeighborsEnumerator::NeighborsEnumerator(Traverser* traverser, TraverserOptions*
4343
TRI_ASSERT(!opts->hasDepthLookupInfo());
4444
}
4545

46-
void NeighborsEnumerator::setStartVertex(arangodb::velocypack::StringRef startVertex) {
47-
PathEnumerator::setStartVertex(startVertex);
48-
46+
void NeighborsEnumerator::clear() {
4947
_allFound.clear();
5048
_currentDepth.clear();
5149
_lastDepth.clear();
5250
_iterator = _currentDepth.end();
5351
_toPrune.clear();
5452
_searchDepth = 0;
53+
}
54+
55+
void NeighborsEnumerator::setStartVertex(arangodb::velocypack::StringRef startVertex) {
56+
PathEnumerator::setStartVertex(startVertex);
57+
58+
clear();
5559

5660
_allFound.insert(startVertex);
5761
_currentDepth.insert(startVertex);

arangod/Graph/NeighborsEnumerator.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,8 @@ class NeighborsEnumerator final : public arangodb::traverser::PathEnumerator {
4848

4949
~NeighborsEnumerator() = default;
5050

51+
void clear() final;
52+
5153
void setStartVertex(arangodb::velocypack::StringRef startVertex) override;
5254

5355
/// @brief Get the next Path element from the traversal.

arangod/Graph/PathEnumerator.h

Lines changed: 4 additions &a 9E88 mp; 0 deletions
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,8 @@ class PathEnumerator {
119119

120120
virtual ~PathEnumerator();
121121

122+
virtual void clear() = 0;
123+
122124
/// @brief set start vertex and reset
123125
/// note that the caller *must* guarantee that the string data pointed to by
124126
/// startVertex remains valid even after the call to reset()!!
@@ -167,6 +169,8 @@ class DepthFirstEnumerator final : public PathEnumerator {
167169

168170
~DepthFirstEnumerator();
169171

172+
void clear() override {}
173+
170174
/// @brief set start vertex and reset
171175
void setStartVertex(arangodb::velocypack::StringRef startVertex) override;
172176

arangod/Graph/SingleServerTraverser.cpp

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -77,6 +77,7 @@ void SingleServerTraverser::clear() {
7777
#ifdef ARANGODB_ENABLE_MAINTAINER_MODE
7878
TRI_ASSERT(!_vertexGetter->pointsIntoTraverserCache());
7979
#endif
80+
_enumerator->clear();
8081
traverserCache()->clear();
8182
}
8283

arangod/Graph/WeightedEnumerator.cpp

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -57,14 +57,16 @@ WeightedEnumerator::WeightedEnumerator(Traverser* traverser, TraverserOptions* o
5757
_schreier.reserve(32);
5858
}
5959

60-
void WeightedEnumerator::setStartVertex(arangodb::velocypack::StringRef startVertex) {
61-
PathEnumerator::setStartVertex(startVertex);
62-
60+
void WeightedEnumerator::clear() {
6361
_schreier.clear();
6462
_schreierIndex = 0;
6563
_lastReturned = 0;
6664
_queue.clear();
65+
}
6766

67+
void WeightedEnumerator::setStartVertex(arangodb::velocypack::StringRef startVertex) {
68+
PathEnumerator::setStartVertex(startVertex);
69+
clear();
6870
_schreier.emplace_back(startVertex);
6971
}
7072

arangod/Graph/WeightedEnumerator.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,8 @@ class WeightedEnumerator final : public arangodb::traverser::PathEnumerator {
129129

130130
~WeightedEnumerator() = default;
131131

132+
void clear() final;
133+
132134
void setStartVertex(arangodb::velocypack::StringRef startVertex) override;
133135

134136
/// @brief Get the next Path element from the traversal.

0 commit comments

Comments
 (0)
0