[#MXS-4934] Use-after-free after service deletion

[MXS-4934] Use-after-free after service deletion Created: 2024-01-15 Updated: 2024-01-24 Resolved: 2024-01-16
Status:	Closed
Project:	MariaDB MaxScale
Component/s:	Core, readwritesplit
Affects Version/s:	6.4.13, 22.08.11, 23.02.8, 23.08.4
Fix Version/s:	6.4.14, 22.08.12, 23.02.9, 23.08.5

Type:

Bug

Priority:

Major

Reporter:

markus makela

Assignee:

markus makela

Resolution:

Fixed

Votes:

Labels:

None

Description

In a multi-layered service configuration where there are services that use other services in their targets, the deletion of an upper level service (parent) is not taken into account by the lower level services (child) if done with maxctrl destroy service --force. This causes a use-after-free to take place the next time the parent pointer is accessed.

Additionally, in readwritesplit stale services are not removed from the per-service statistics. The diagnostics function accesses the pointers without first checking for the validity of it.

Generated at Thu Feb 08 04:32:12 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MXS-4934] Use-after-free after service deletion Created: 2024-01-15 Updated: 2024-01-24 Resolved: 2024-01-16