[td-225] fix invalid read in taocache
This commit is contained in:
Haojun Liao
parent
cf840735e2
commit
4be7a595bb
|
|
@ -47,7 +47,7 @@ typedef struct SCacheDataNode {
|
|||
typedef struct STrashElem {
|
||||
struct STrashElem *prev;
|
||||
struct STrashElem *next;
|
||||
SCacheDataNode * pData;
|
||||
SCacheDataNode *pData;
|
||||
} STrashElem;
|
||||
|
||||
typedef struct {
|
||||
|
|
|
|||
|
|
@ -529,7 +529,7 @@ void taosHashTableResize(SHashObj *pHashObj) {
|
|||
}
|
||||
|
||||
SHashNode *doCreateHashNode(const void *key, size_t keyLen, const void *pData, size_t dsize, uint32_t hashVal) {
|
||||
size_t totalSize = dsize + sizeof(SHashNode) + keyLen + 1; // one extra byte for null
|
||||
size_t totalSize = dsize + sizeof(SHashNode) + keyLen;
|
||||
|
||||
SHashNode *pNewNode = calloc(1, totalSize);
|
||||
if (pNewNode == NULL) {
|
||||
|
|
@ -544,7 +544,6 @@ SHashNode *doCreateHashNode(const void *key, size_t keyLen, const void *pData, s
|
|||
pNewNode->keyLen = keyLen;
|
||||
|
||||
pNewNode->hashVal = hashVal;
|
||||
|
||||
return pNewNode;
|
||||
}
|
||||
|
||||
|
|
@ -559,7 +558,6 @@ SHashNode *doUpdateHashNode(SHashNode *pNode, const void *key, size_t keyLen, co
|
|||
memcpy(pNewNode->data, pData, dsize);
|
||||
|
||||
pNewNode->key = pNewNode->data + dsize;
|
||||
|
||||
assert(memcmp(pNewNode->key, key, keyLen) == 0 && keyLen == pNewNode->keyLen);
|
||||
|
||||
memcpy(pNewNode->key, key, keyLen);
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ static FORCE_INLINE void taosFreeNode(void *data) {
|
|||
* @param lifespan total survial expiredTime from now
|
||||
* @return SCacheDataNode
|
||||
*/
|
||||
static SCacheDataNode *taosCreateHashNode(const char *key, size_t keyLen, const char *pData, size_t size,
|
||||
static SCacheDataNode *taosCreateCacheNode(const char *key, size_t keyLen, const char *pData, size_t size,
|
||||
uint64_t duration) {
|
||||
size_t totalSize = size + sizeof(SCacheDataNode) + keyLen + 1;
|
||||
|
||||
|
|
@ -242,13 +242,14 @@ static SCacheDataNode *taosUpdateCacheImpl(SCacheObj *pCacheObj, SCacheDataNode
|
|||
|
||||
// only a node is not referenced by any other object, in-place update it
|
||||
if (T_REF_VAL_GET(pNode) == 0) {
|
||||
size_t newSize = sizeof(SCacheDataNode) + dataSize + keyLen;
|
||||
size_t newSize = sizeof(SCacheDataNode) + dataSize + keyLen + 1;
|
||||
|
||||
pNewNode = (SCacheDataNode *)realloc(pNode, newSize);
|
||||
if (pNewNode == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
memset(pNewNode, 0, newSize);
|
||||
pNewNode->signature = (uint64_t)pNewNode;
|
||||
memcpy(pNewNode->data, pData, dataSize);
|
||||
|
||||
|
|
@ -267,7 +268,7 @@ static SCacheDataNode *taosUpdateCacheImpl(SCacheObj *pCacheObj, SCacheDataNode
|
|||
} else {
|
||||
taosCacheMoveToTrash(pCacheObj, pNode);
|
||||
|
||||
pNewNode = taosCreateHashNode(key, keyLen, pData, dataSize, duration);
|
||||
pNewNode = taosCreateCacheNode(key, keyLen, pData, dataSize, duration);
|
||||
if (pNewNode == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
|
@ -293,7 +294,7 @@ static SCacheDataNode *taosUpdateCacheImpl(SCacheObj *pCacheObj, SCacheDataNode
|
|||
*/
|
||||
static FORCE_INLINE SCacheDataNode *taosAddToCacheImpl(SCacheObj *pCacheObj, const char *key, size_t keyLen, const void *pData,
|
||||
size_t dataSize, uint64_t duration) {
|
||||
SCacheDataNode *pNode = taosCreateHashNode(key, keyLen, pData, dataSize, duration);
|
||||
SCacheDataNode *pNode = taosCreateCacheNode(key, keyLen, pData, dataSize, duration);
|
||||
if (pNode == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue