Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix invalid memory access on the first pending batch receive callback #441

Merged
merged 1 commit into from
Aug 21, 2024
Merged

Fix invalid memory access on the first pending batch receive callback #441

merged 1 commit into from
Aug 21, 2024

Conversation

BewareMyPower
Copy link
Contributor

Motivation

pulsar-client-cpp/lib/ConsumerImplBase.cc

Lines 109 to 112 in 5940cb5

OpBatchReceive& batchReceive = batchPendingReceives_.front();
batchPendingReceives_.pop();
lock.unlock();
notifyBatchPendingReceivedCallback(batchReceive.batchReceiveCallback_);

In the code above, batchReceive is a reference to the first element in the queue (batchPendingReceives_). After pop(), the memory would be invalid to access, which might cause unexpected crash.

Modifications

Add a popBatchReceiveCallback method that moves the callback from the first element in batchPendingReceives_. Use this method to replace error-prone front() - pop() calls.

@BewareMyPower BewareMyPower self-assigned this Aug 21, 2024
@BewareMyPower BewareMyPower added the bug Something isn't working label Aug 21, 2024
@BewareMyPower BewareMyPower added this to the 3.6.0 milestone Aug 21, 2024
@BewareMyPower
Copy link
Contributor Author

This is an example crash frame in production:

frame #3: 0x0000ffff6efa846c pulsar.node`pulsar::ConsumerImplBase::notifyBatchPendingReceivedCallback(this=0x0000ffff54009a60) at ConsumerImplBase.cc:112:43

lhotari
lhotari approved these changes Aug 21, 2024
View reviewed changes
Copy link
Member

@lhotari lhotari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Good work @BewareMyPower

@BewareMyPower BewareMyPower merged commit 2ec734b into apache:main Aug 21, 2024
15 checks passed
@BewareMyPower BewareMyPower deleted the bewaremypower/fix-batch-receive-ub branch August 21, 2024 12:44
shibd pushed a commit to shibd/pulsar-client-cpp that referenced this pull request Aug 21, 2024
@BewareMyPower @shibd
Fix invalid memory access on the first pending batch receive callback (
2531145 
…apache#441)

(cherry picked from commit 2ec734b)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lhotari lhotari lhotari approved these changes

@merlimat merlimat Awaiting requested review from merlimat

@RobertIndie RobertIndie Awaiting requested review from RobertIndie

@shibd shibd Awaiting requested review from shibd

Assignees

@BewareMyPower BewareMyPower

Labels
bug Something isn't working
Projects
None yet
Milestone
3.6.0
Development

Successfully merging this pull request may close these issues.
2 participants
@BewareMyPower @lhotari