From e62f6c06f74ad019f05ce2092974e4f0600611fe Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 8 Feb 2010 11:01:47 +0100 Subject: [PATCH] s3:registry: eliminate race condition in creating/scanning sorted subkeys Called, from key_exists, scan_sorted_subkeys re-creates the sorted subkeys record of the given key and then searches through it. The race is that between creation and parsing of the sorted subkey record, another process that stores some other subkey of the same parent key will delete the sorted subkey record, resulting in an WERR_BADFILE of an operation that should actually succeed. This patch fixes the issue by wrapping the creation and parsing into a transaction. Michael (cherry picked from commit a752bbd10d661ebc93b8d51bd583eb62eb00ad18) --- source3/registry/reg_backend_db.c | 17 +++++++++++++++++ 1 files changed, 17 insertions(+), 0 deletions(-) diff --git a/source3/registry/reg_backend_db.c b/source3/registry/reg_backend_db.c index 43963db..fe15b4e 100644 --- a/source3/registry/reg_backend_db.c +++ b/source3/registry/reg_backend_db.c @@ -1368,14 +1368,31 @@ static bool scan_parent_subkeys(struct db_context *db, const char *parent, if (state.scanned) { result = state.found; } else { + res = db->transaction_start(db); + if (res != 0) { + DEBUG(0, ("error starting transacion\n")); + goto fail; + } + if (!create_sorted_subkeys(path, key)) { + res = db->transaction_cancel(db); + if (res != 0) { + smb_panic("Failed to cancel transaction."); + } goto fail; } + res = db->parse_record(db, string_term_tdb_data(key), parent_subkey_scanner, &state); if ((res == 0) && (state.scanned)) { result = state.found; } + + res = db->transaction_commit(db); + if (res != 0) { + DEBUG(0, ("error committing transaction\n")); + result = false; + } } fail: -- 1.6.3.3