Description
There is a file descriptor leak in Env::NewRWFile() on an error path when encryption-at-rest is enabled.
In the code below, if ReadEncryptionHeader() or WriteEncryptionHeader() failed, the descriptor of the file opened by DoOpen() would be leaked.
    RETURN_NOT_OK(DoOpen(fname, opts.mode, &fd));
    EncryptionHeader eh;
    if (encrypt) {
      DCHECK(encryption_key_);
      if (size >= kEncryptionHeaderSize) {
        RETURN_NOT_OK(ReadEncryptionHeader(fd, fname, *encryption_key_, &eh));
      } else {
        RETURN_NOT_OK(GenerateHeader(&eh));
        RETURN_NOT_OK(WriteEncryptionHeader(fd, fname, *encryption_key_, eh));
      }
    }
    result->reset(new PosixRWFile(fname, fd, opts.sync_on_close, encrypt, eh));
This has been observed in the wild: creating the metadata file for a tablet during tablet copying failed with an error like the one below:
Runtime error: Couldn't create tablet metadata: Failed to write tablet metadata d199a872b03848d695f067ed5c694835: Failed to initialize encryption: error:0607B083:digital envelope routines:EVP_CipherInit_ex:no cipher set:crypto/evp/evp_enc.c:170
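The error-path leak described above, next to one way to close it, as an added example (not Kudu's code and not necessarily how the project fixed it). ScopedFd, HeaderStep, OpenLeaky, OpenGuarded and CountOpenFds are hypothetical names, and /dev/null stands in for the data file.

```cpp
#include <fcntl.h>
#include <unistd.h>
#include <cstdio>
// Hypothetical RAII owner: closes the descriptor unless release() was called.
class ScopedFd {
 public:
  explicit ScopedFd(int fd) : fd_(fd) {}
  ~ScopedFd() { if (fd_ >= 0) ::close(fd_); }
  ScopedFd(const ScopedFd&) = delete;
  ScopedFd& operator=(const ScopedFd&) = delete;
  int get() const { return fd_; }
  int release() { int fd = fd_; fd_ = -1; return fd; }
 private:
  int fd_;
};

// Stand-in for ReadEncryptionHeader()/WriteEncryptionHeader(); fails on demand.
static bool HeaderStep(int fd, bool fail) {
  return !fail && ::write(fd, "HDR", 3) == 3;
}

// Same shape as the reported code: an early return after open() loses fd.
int OpenLeaky(const char* path, bool fail_header) {
  int fd = ::open(path, O_RDWR | O_CLOEXEC);
  if (fd < 0) return -1;
  if (!HeaderStep(fd, fail_header)) return -1;  // fd is never closed
  return fd;
}

// Guarded variant: early returns close fd; success hands it to the caller.
int OpenGuarded(const char* path, bool fail_header) {
  ScopedFd fd(::open(path, O_RDWR | O_CLOEXEC));
  if (fd.get() < 0) return -1;
  if (!HeaderStep(fd.get(), fail_header)) return -1;  // destructor closes fd
  return fd.release();
}
// Number of descriptors open in this process (scans 0..1023).
int CountOpenFds() {
  int n = 0;
  for (int fd = 0; fd < 1024; ++fd) n += (::fcntl(fd, F_GETFD) != -1);
  return n;
}
int main() {  // /dev/null is a constructed sample target; no file is created
  int base = CountOpenFds();
  OpenLeaky("/dev/null", true);
  int leaky = CountOpenFds() - base;
  OpenGuarded("/dev/null", true);
  std::printf("leaky +%d, guarded +%d\n", leaky, CountOpenFds() - base - leaky);
}
```

Comparing the open-descriptor count before and after a forced header failure is also a simple regression check for this class of bug.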