Michael Smith has posted comments on this change. ( http://gerrit.cloudera.org:8080/22503 )
Change subject: IMPALA-13771: Fix heap-use-after-free in Cluster Membership Manager
......................................................................

Patch Set 3:

(1 comment)

http://gerrit.cloudera.org:8080/#/c/22503/2/be/src/scheduling/cluster-membership-mgr.cc
File be/src/scheduling/cluster-membership-mgr.cc:

http://gerrit.cloudera.org:8080/#/c/22503/2/be/src/scheduling/cluster-membership-mgr.cc@309
PS2, Line 309: new_backend_map->erase(item.key);
> And just to confirm, does it matter if _removeCoordIfExists called before/a
be_desc is being used read-only to update new_state->all_coordinators. So I think this change makes sense. erase needs to happen after because it invalidates be_desc, which led to heap-use-after-free when reading it in _removeCoordIfExists.

--
To view, visit http://gerrit.cloudera.org:8080/22503
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: Impala-ASF
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I4fd2c9faa6daba9274f38238b952c377a07794e9
Gerrit-Change-Number: 22503
Gerrit-PatchSet: 3
Gerrit-Owner: Jason Fehr <[email protected]>
Gerrit-Reviewer: Jason Fehr <[email protected]>
Gerrit-Reviewer: Michael Smith <[email protected]>
Gerrit-Reviewer: Riza Suminto <[email protected]>
Gerrit-Comment-Date: Wed, 19 Feb 2025 22:09:04 +0000
Gerrit-HasComments: Yes
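
The ordering point made in the comment above, as an added example that is not part of the original message and is not Impala's code: a reference to a map value dangles once the entry is erased, so every read through it has to finish first. The types, `RemoveCoordIfExists`, `RemoveBackendBuggy`, `RemoveBackendFixed`, `SampleBackends` and the sample data are simplified assumptions; only `be_desc`, `new_backend_map` and `all_coordinators` echo names from the review.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <unordered_map>

// Simplified stand-ins (assumptions), not Impala's real types.
struct BackendDescriptor {
  std::string address;
  bool is_coordinator;
};
using BackendMap = std::unordered_map<std::string, BackendDescriptor>;
using CoordinatorSet = std::set<std::string>;

// Hypothetical helper: reads be_desc read-only to update the coordinator set.
bool RemoveCoordIfExists(CoordinatorSet& all_coordinators,
                         const BackendDescriptor& be_desc) {
  return be_desc.is_coordinator && all_coordinators.erase(be_desc.address) > 0;
}

// Buggy order, shown for contrast and never called: erase() frees the node
// that be_desc refers to, so the later read is a heap-use-after-free.
bool RemoveBackendBuggy(BackendMap& new_backend_map, CoordinatorSet& coords,
                        const std::string& key) {
  auto it = new_backend_map.find(key);
  if (it == new_backend_map.end()) return false;
  const BackendDescriptor& be_desc = it->second;
  new_backend_map.erase(it);                    // be_desc dangles from here
  return RemoveCoordIfExists(coords, be_desc);  // read of freed memory
}

// Fixed order: finish every read through be_desc, then erase the entry.
bool RemoveBackendFixed(BackendMap& new_backend_map, CoordinatorSet& coords,
                        const std::string& key) {
  auto it = new_backend_map.find(key);
  if (it == new_backend_map.end()) return false;
  const BackendDescriptor& be_desc = it->second;
  bool removed_coord = RemoveCoordIfExists(coords, be_desc);
  new_backend_map.erase(it);
  return removed_coord;
}

// Constructed sample data (hostnames and ports are made up).
BackendMap SampleBackends() {
  return {{"host-a:27000", {"host-a:27000", true}},
          {"host-b:27000", {"host-b:27000", false}}};
}

int main() {
  BackendMap backends = SampleBackends();
  CoordinatorSet coords = {"host-a:27000"};
  bool removed = RemoveBackendFixed(backends, coords, "host-a:27000");
  std::cout << removed << " " << backends.size() << " " << coords.size() << "\n";
}
```

Building with `-fsanitize=address` and calling `RemoveBackendBuggy` instead makes AddressSanitizer report the heap-use-after-free at the read inside `RemoveCoordIfExists`.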
