From 14bc7d56b5128e1ac22a265b1b492723f7ea9568 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:37:33 +1000
Subject: [PATCH 01/13] ctdb-tools: Fix CID 1364699 - dereference after null
 check

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit bf1dab28d1d5887f39739eb29537727d97054c5d)
---
 ctdb/tools/ctdb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index d0381a5..3dbdb77 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -2563,6 +2563,8 @@ static void wait_for_flags(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		if (nodemap == NULL) {
 			fprintf(stderr,
 				"Failed to get nodemap, trying again\n");
+			sleep(1);
+			continue;
 		}
 
 		flag_is_set = nodemap->node[ctdb->cmd_pnn].flags & flag;
-- 
2.8.1


From 9ac3443e8514f1683fe68ea6c05564d7ed83f0fa Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:41:57 +1000
Subject: [PATCH 02/13] ctdb-tools: Fix CID 1364701 - resource leak

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 25f27e16b26e2c96a35dd7b42d22d16d63be6037)
---
 ctdb/tools/ctdb.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 3dbdb77..fa38e41 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -5362,7 +5362,7 @@ static int control_ptrans(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 			  db_flags, &db);
 	if (ret != 0) {
 		fprintf(stderr, "Failed to attach to DB %s\n", db_name);
-		return ret;
+		goto done;
 	}
 
 	ret = ctdb_transaction_start(mem_ctx, ctdb->ev, ctdb->client,
@@ -5370,7 +5370,7 @@ static int control_ptrans(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	if (ret != 0) {
 		fprintf(stderr, "Failed to start transaction on db %s\n",
 			db_name);
-		return ret;
+		goto done;
 	}
 
 	while (ptrans_get_key_value(mem_ctx, file, &key, &value)) {
@@ -5379,7 +5379,7 @@ static int control_ptrans(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 			if (ret != 0) {
 				fprintf(stderr, "Failed to store record\n");
 				ctdb_transaction_cancel(h);
-				return 1;
+				goto done;
 			}
 			talloc_free(key.dptr);
 			talloc_free(value.dptr);
@@ -5390,14 +5390,13 @@ static int control_ptrans(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	if (ret != 0) {
 		fprintf(stderr, "Failed to commit transaction on db %s\n",
 			db_name);
-		return ret;
 	}
 
+done:
 	if (file != stdin) {
 		fclose(file);
 	}
-
-	return 0;
+	return ret;
 }
 
 static int control_tfetch(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
-- 
2.8.1


From 2fd6974efc04a7de13bac6f4e7a992bc1199c6af Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:46:33 +1000
Subject: [PATCH 03/13] ctdb-tools: Fix CID 1364702 - resource leak

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 10019f7cdfa4b3f5485f063d409aa55ca5f14f6a)
---
 ctdb/tools/ctdb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index fa38e41..1968329 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -5450,11 +5450,13 @@ static int control_tfetch(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		nwritten = sys_write(fd, data.dptr, data.dsize);
 		if (nwritten != data.dsize) {
 			fprintf(stderr, "Failed to write record to file\n");
+			close(fd);
 			goto fail;
 		}
 
 		close(fd);
 	}
+
 fail:
 	ret = ctdb_ltdb_header_extract(&data, &header);
 	if (ret != 0) {
-- 
2.8.1


From 0e9cc567958ef280b2b74ca188aa67c574d36591 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:50:38 +1000
Subject: [PATCH 04/13] ctdb-tools: Fix CID 1364703 - resource leak

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 94bf6e69dba1b97d90168efceaafa43d27186778)
---
 ctdb/tools/ctdb.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 1968329..fbf89f5 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -4248,18 +4248,21 @@ static int control_restoredb(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	nodemap = get_nodemap(ctdb, false);
 	if (nodemap == NULL) {
 		fprintf(stderr, "Failed to get nodemap\n");
+		close(fd);
 		return ENOMEM;
 	}
 
 	ret = get_generation(mem_ctx, ctdb, &generation);
 	if (ret != 0) {
 		fprintf(stderr, "Failed to get current generation\n");
+		close(fd);
 		return ret;
 	}
 
 	count = list_of_active_nodes(nodemap, CTDB_UNKNOWN_PNN, mem_ctx,
 				     &pnn_list);
 	if (count <= 0) {
+		close(fd);
 		return ENOMEM;
 	}
 
@@ -4390,6 +4393,7 @@ static int control_restoredb(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 
 
 failed:
+	close(fd);
 	ctdb_ctrl_set_recmode(mem_ctx, ctdb->ev, ctdb->client,
 			      ctdb->pnn, TIMEOUT(), CTDB_RECOVERY_ACTIVE);
 	return ret;
-- 
2.8.1


From e34e3389d28b869617f87d16eb4aa4606f287062 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:51:39 +1000
Subject: [PATCH 05/13] ctdb-tools: Fix CID 1364704 - resource leak

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 45b9c379b590ce0ff03ccaf6c970e0aee1a4b745)
---
 ctdb/tools/ctdb.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index fbf89f5..28b3dc9 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -5737,6 +5737,7 @@ static int control_checktcpport(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	v = fcntl(s, F_GETFL, 0);
 	if (v == -1 || fcntl(s, F_SETFL, v | O_NONBLOCK)) {
 		fprintf(stderr, "Unable to set socket non-blocking\n");
+		close(s);
 		return errno;
 	}
 
-- 
2.8.1


From 42535b36dd03cccad4685bcbe5f1a6b6ac04fe75 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:56:23 +1000
Subject: [PATCH 06/13] ctdb-tools: Fix CID 1364705 - resource leak

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 5f5d9549fcae4b2fa4b99bef3892a24bdbb0eaa9)
---
 ctdb/tools/ctdb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 28b3dc9..6db57f4 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -3023,6 +3023,8 @@ static int control_tickle(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 			}
 		}
 
+		TALLOC_FREE(clist);
+
 		if (num_failed > 0) {
 			fprintf(stderr, "Failed to send %d tickles\n",
 				num_failed);
-- 
2.8.1


From bd4dc1551cf08f272d7c7f92850d6cb949696e20 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Thu, 4 Aug 2016 15:58:34 +1000
Subject: [PATCH 07/13] ctdb-tools: Fix CID 1364706 - resource leak

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit bfe891e418fd372c1e7036f08e81b65c27843a79)
---
 ctdb/tools/ctdb.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 6db57f4..da218aa 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -4457,6 +4457,7 @@ static int control_dumpdbbackup(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		fprintf(stderr,
 			"Wrong version of backup file, expected %u, got %lu\n",
 			DB_VERSION, db_hdr.version);
+		close(fd);
 		return EINVAL;
 	}
 
@@ -4474,6 +4475,7 @@ static int control_dumpdbbackup(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		ret = ctdb_rec_buffer_read(fd, mem_ctx, &recbuf);
 		if (ret != 0) {
 			fprintf(stderr, "Failed to read records\n");
+			close(fd);
 			return ret;
 		}
 
@@ -4481,10 +4483,12 @@ static int control_dumpdbbackup(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 					       &state);
 		if (ret != 0) {
 			fprintf(stderr, "Failed to dump records\n");
+			close(fd);
 			return ret;
 		}
 	}
 
+	close(fd);
 	printf("Dumped %u record(s)\n", state.sub_state.count);
 	return 0;
 }
-- 
2.8.1


From 1cf0e8cfffe7c2499a411367316336ac2e710093 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Fri, 5 Aug 2016 12:34:13 +1000
Subject: [PATCH 08/13] ctdb-tools: Free record if it does not contain valid
 data

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 814002c9a10227fd6cc13fdc974d2312201d7c19)
---
 ctdb/tools/ctdb.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index da218aa..a92435e 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -2038,6 +2038,7 @@ static void traverse_handler(uint64_t srvid, TDB_DATA data, void *private_data)
 	}
 
 	if (rec->data.dsize == 0) {
+		talloc_free(rec);
 		return;
 	}
 
-- 
2.8.1


From 386220d5965ca1b14094935ebd9eedad7845a6eb Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Fri, 5 Aug 2016 12:43:11 +1000
Subject: [PATCH 09/13] ctdb-tools: Free tickle list before exiting

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit b54bd763b7a4ff3cd1983a8ccc89b23db5263a4d)
---
 ctdb/tools/ctdb.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index a92435e..8ed7784 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -3119,6 +3119,7 @@ static int control_gettickles(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		}
 	}
 
+	talloc_free(tickles);
 	return 0;
 }
 
-- 
2.8.1


From 37e3dd29c1b861385997bac907affee30063fe95 Mon Sep 17 00:00:00 2001
From: Martin Schwenke <martin@meltin.net>
Date: Fri, 5 Aug 2016 11:27:14 +1000
Subject: [PATCH 10/13] ctdb-tools: Add early return for empty connection list

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

If the connection list is empty then process_clist_send() still
creates a request.  However, since no subrequests are created for
controls sent, tevent_req_poll() waits forever for an event.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 1f6835c73245366111946b92605315c0cac84295)
---
 ctdb/tools/ctdb.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 8ed7784..0c19413 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -3230,6 +3230,9 @@ static int control_addtickle(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		if (ret != 0) {
 			return ret;
 		}
+		if (count == 0) {
+			return 0;
+		}
 
 		req = process_clist_send(mem_ctx, ctdb, clist, count,
 				 ctdb_req_control_tcp_add_delayed_update,
@@ -3288,6 +3291,9 @@ static int control_deltickle(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 		if (ret != 0) {
 			return ret;
 		}
+		if (count == 0) {
+			return 0;
+		}
 
 		req = process_clist_send(mem_ctx, ctdb, clist, count,
 					 ctdb_req_control_tcp_remove,
-- 
2.8.1


From f217fd7b7126a3f86ca328eadc3f65b40ee18ef7 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Fri, 5 Aug 2016 12:46:18 +1000
Subject: [PATCH 11/13] ctdb-tools: Free connection list after processing it

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 2e5e51ebcd3ec8283cdd9c9d13dbe1fc836f8a3d)
---
 ctdb/tools/ctdb.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 0c19413..40a9aab 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -3238,10 +3238,12 @@ static int control_addtickle(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 				 ctdb_req_control_tcp_add_delayed_update,
 				 ctdb_reply_control_tcp_add_delayed_update);
 		if (req == NULL) {
+			talloc_free(clist);
 			return ENOMEM;
 		}
 
 		tevent_req_poll(req, ctdb->ev);
+		talloc_free(clist);
 
 		ret = process_clist_recv(req);
 		if (ret != 0) {
@@ -3299,10 +3301,12 @@ static int control_deltickle(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 					 ctdb_req_control_tcp_remove,
 					 ctdb_reply_control_tcp_remove);
 		if (req == NULL) {
+			talloc_free(clist);
 			return ENOMEM;
 		}
 
 		tevent_req_poll(req, ctdb->ev);
+		talloc_free(clist);
 
 		ret = process_clist_recv(req);
 		if (ret != 0) {
-- 
2.8.1


From cdb8f4ee7690594edb32810ee1fa67668be7ef78 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Fri, 5 Aug 2016 13:25:25 +1000
Subject: [PATCH 12/13] ctdb-tools: Close tdb database on error

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit c9750c821e06364cb4559f857c359c14e6799303)
---
 ctdb/tools/ctdb.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 40a9aab..50a8564 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -5442,17 +5442,20 @@ static int control_tfetch(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	ret = str_to_data(argv[1], strlen(argv[1]), mem_ctx, &key);
 	if (ret != 0) {
 		fprintf(stderr, "Failed to parse key %s\n", argv[1]);
+		tdb_close(tdb);
 		return ret;
 	}
 
 	data = tdb_fetch(tdb, key);
 	if (data.dptr == NULL) {
 		fprintf(stderr, "No record for key %s\n", argv[1]);
+		tdb_close(tdb);
 		return 1;
 	}
 
 	if (data.dsize < sizeof(struct ctdb_ltdb_header)) {
 		fprintf(stderr, "Invalid record for key %s\n", argv[1]);
+		tdb_close(tdb);
 		return 1;
 	}
 
@@ -5514,12 +5517,14 @@ static int control_tstore(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	ret = str_to_data(argv[1], strlen(argv[1]), mem_ctx, &key);
 	if (ret != 0) {
 		fprintf(stderr, "Failed to parse key %s\n", argv[1]);
+		tdb_close(tdb);
 		return ret;
 	}
 
 	ret = str_to_data(argv[2], strlen(argv[2]), mem_ctx, &value);
 	if (ret != 0) {
 		fprintf(stderr, "Failed to parse value %s\n", argv[2]);
+		tdb_close(tdb);
 		return ret;
 	}
 
@@ -5540,6 +5545,7 @@ static int control_tstore(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb,
 	data.dptr = talloc_size(mem_ctx, data.dsize);
 	if (data.dptr == NULL) {
 		fprintf(stderr, "Memory allocation error\n");
+		tdb_close(tdb);
 		return 1;
 	}
 
-- 
2.8.1


From 0f6132e7218b0804f957acd0f32f701012ad7819 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Fri, 5 Aug 2016 13:56:40 +1000
Subject: [PATCH 13/13] ctdb-tools: Free temporary memory context before
 exiting

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 3c51ac48df50a877ded34f3678aeb13f3509570d)
---
 ctdb/tools/ctdb.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 50a8564..c83d397 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -6454,7 +6454,9 @@ static int process_command(const struct ctdb_cmd *cmd, int argc,
 			goto fail;
 		}
 
-		return cmd->fn(tmp_ctx, NULL, argc-1, argv+1);
+		ret = cmd->fn(tmp_ctx, NULL, argc-1, argv+1);
+		talloc_free(tmp_ctx);
+		return ret;
 	}
 
 	ctdb = talloc_zero(tmp_ctx, struct ctdb_context);
-- 
2.8.1