Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
1.0
-
Security Level: Public
-
None
-
Centos 5.5, Couchbase server 1.8, libcouchbase 1
Description
I had 3 server nodes, 2 of which were down.
When I ran my test program (to store a value), instead of reporting an error or using the remaining node, the program seg faulted.
I traced this back to store.c :66, where vbucket_map(instance->vbucket_config, hashkey, nhashkey, &vb, &idx)
returned -1 for the value idx (the index into the vbucket); this probably indicates that there was no valid index.
The next line, 67, uses idx to reference a server struct. Using -1 causes an invalid memory access and the program crashes with a seg fault.
server = instance->servers + (size_t)idx;
There should be a statement to check the value idx is non negative before using it:
Attachments
| For Gerrit Dashboard: CCBC-51 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 13091,3 | Check server index before using (CCBC-51) | master | libcouchbase | Status: MERGED | +2 | +1 |
