From 7152ac47fb4af2ceda3dc0988af7b8b751c9ed41 Mon Sep 17 00:00:00 2001 From: Arlin Davis Date: Wed, 2 Jul 2014 14:49:53 -0700 Subject: [PATCH] IB extension: segfault in create collective group with non-vector type IA handle" The dats_get_ia_handle call was change in 2.0.34 to convert IA handle from both vector to handle and handle to vector to fix query calls that incorrectly returned IA handles in non-vector form. If a caller uses a non vector IA handle it will get converted incorrectly to a vector and cause a segfault. Add additional check to verify a IA handle type before calling get ia handle to avoid incorrect translation. Signed-off-by: Arlin Davis --- dat/common/dat_api.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/dat/common/dat_api.c b/dat/common/dat_api.c index a4d77d2..0c28c11 100755 --- a/dat/common/dat_api.c +++ b/dat/common/dat_api.c @@ -1082,7 +1082,7 @@ extern DAT_RETURN udat_extension_close(IN const DAT_NAME_PTR name, /* Consumer API - dat_extension_op() * - * Handle == IA, EP, EVD, etc + * Handle == IA, EP, EVD, etc * !Handle == direct extension operation to provider without device open * provider name supplied for linkage to library * @@ -1091,16 +1091,19 @@ DAT_RETURN DAT_API dat_extension_op(IN DAT_HANDLE handle, IN DAT_EXTENDED_OP ext_op, IN ...) { DAT_RETURN status; - DAT_IA_HANDLE dapl_handle; + DAT_IA_HANDLE dapl_handle = handle; va_list args; dat_os_dbg_print(DAT_OS_DBG_TYPE_CONSUMER_API, " dat_extension_op: (handle %p, op %d) called\n", handle, ext_op); - /* If not IA handle then just passthrough */ - if (dats_get_ia_handle(handle, &dapl_handle) != DAT_SUCCESS) - dapl_handle = handle; + /* only convert if ia_handle vector */ + if (handle && dats_is_ia_handle(handle)) { + if (dats_get_ia_handle(handle, &dapl_handle)) + return DAT_ERROR(DAT_INVALID_HANDLE, + DAT_INVALID_HANDLE1); + } dat_os_dbg_print(DAT_OS_DBG_TYPE_CONSUMER_API, " dat_extension_op: dapl_handle %p \n", handle); -- 2.41.0