From da91842b6cacec8a85ac572b117c7d3562102056 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 19 Nov 2021 17:25:41 +0100 Subject: [PATCH] BUG/MEDIUM: cache/cli: make "show cache" thread-safe The "show cache" command restarts from the previous node to look for a duplicate key, but does this after having released the lock, so under high write load, the node has many chances of having been reassigned and the dereference of the node crashes after a few iterations. Since the keys are unique anyway, there's no point looking for a dup, so let's just continue from the next value. This is only marked as medium as it seems to have been there for a while, and discovering it that late simply means that nobody uses that command, thus in practice it has a very limited impact on real users. This should be backported to all stable versions. --- src/cache.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cache.c b/src/cache.c index 287ff5325..6ac23b27c 100644 --- a/src/cache.c +++ b/src/cache.c @@ -2589,7 +2589,7 @@ static int cli_io_handler_show_cache(struct appctx *appctx) while (1) { shctx_lock(shctx_ptr(cache)); - if (!node || (node = eb32_next_dup(node)) == NULL) + if (!node) node = eb32_lookup_ge(&cache->entries, next_key); if (!node) { shctx_unlock(shctx_ptr(cache));
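
Review bot: In the `while (1)` loop, the new `if (!node)` guard still skips `eb32_lookup_ge()` whenever `node` is non-NULL, so a pointer obtained on an earlier pass, before the lock was released, could be dereferenced on the next pass without a fresh lookup under `shctx_lock()`. The hunk does not show `node` being reset to NULL before the loop iterates, and the commit message states the intent as continuing from the next value, so consider making the lookup unconditional: `node = eb32_lookup_ge(&cache->entries, next_key);` directly after `shctx_lock(shctx_ptr(cache));`. If `node` is in fact cleared elsewhere in the loop body, a short comment at the guard saying so would make the thread-safety argument checkable from this spot.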