From 8842922a39b8fe77e1037afd9cbafe3bc09fd12b Mon Sep 17 00:00:00 2001
From: "chentao.2022"
Date: Mon, 24 Jun 2024 11:23:27 +0800
Subject: [PATCH] cephfs: Fixed a bug in the readdir_cache_cb function that may have used freed memory after the _getattr operation returned

Fixes: https://tracker.ceph.com/issues/56288
Signed-off-by: Tod Chen
(cherry picked from commit a71c9dd7e57a6a1dd64ccfb67f24c2a7cf29f652
---
 src/client/Client.cc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/client/Client.cc b/src/client/Client.cc
index a84e69f38f2..571ecd463f0 100644
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -9382,6 +9382,12 @@ int Client::_readdir_cache_cb(dir_result_t *dirp, add_dirent_cb_t cb, void *p,
 int r = _getattr(dn->inode, mask, dirp->perms);
 if (r < 0) return r;
+
+ /* fix https://tracker.ceph.com/issues/56288 */
+ if (dirp->inode->dir == NULL) {
+ ldout(cct, 0) << " dir is closed, so we should return" << dendl;
+ return -CEPHFS_EAGAIN;
+ }
 // the content of readdir_cache may change after _getattr(), so pd may be invalid iterator
 pd = dir->readdir_cache.begin() + idx;
-- 
2.39.5
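Review bot: The guard added after `_getattr()` only covers a directory that is still closed when the call returns; if `dirp->inode->dir` was released and a new `Dir` was opened in the meantime, the pointer is non-NULL and the context line `pd = dir->readdir_cache.begin() + idx;` still goes through the old local `dir`. `dir` is assigned outside this hunk, so this is inferred from the visible lines, but re-reading it after the check (`dir = dirp->inode->dir;`) or rejecting a changed pointer (`if (dirp->inode->dir != dir) {`) would close that window; re-reading is the safer of the two, since a reused allocation address defeats a pure comparison. The condition looks like an expected race rather than a fault, so `ldout(cct, 0)` will log on every occurrence; a debug level such as `ldout(cct, 10)` with the inode in the message would fit better. The comment should give the reason rather than only the tracker link, e.g. `// the Dir may have been closed and freed while _getattr() was in flight; restart instead of touching it`.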